CVE-2024-57901: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-57901 is a vulnerability in the Linux kernel's afpacket subsystem, specifically in the vlangetprotocoldgram() function. The vulnerability was discovered by syzbot and disclosed on January 15, 2025. The issue affects multiple versions of the Linux kernel, including versions from 4.19.320 to 6.13-rc5 (NVD).

The vulnerability stems from a bug in the vlangetprotocoldgram() function where it failed to handle the MSGPEEK case correctly. The function was modifying the skb (socket buffer) data structure without proper consideration for concurrent access from multiple CPUs. The issue could trigger a kernel panic with the error 'skbunderpanic' when accessing VLAN-tagged packets. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (MEDIUM) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

When exploited, this vulnerability can cause a kernel crash (denial of service) on affected systems. The issue specifically manifests when processing VLAN-tagged packets with the MSG_PEEK flag, potentially affecting network packet processing capabilities (Kernel Patch).

The vulnerability has been fixed in multiple Linux kernel versions. Debian has released security updates addressing this issue in version 5.10.234-1 for Debian 11 (bullseye) and version 6.1.128-1~deb11u1 for the linux-6.1 package. The fix involves reworking the vlangetprotocol_dgram() function to avoid modifying the skb structure and adding proper const qualifiers (Debian LTS, Debian LTS).