
Cloud Vulnerability DB
An open project to list all known cloud vulnerabilities and Cloud Service Provider security issues
CVE-2024-57902 affects the Linux kernel's af_packet subsystem, specifically the vlan_get_tci() function. The vulnerability was discovered by syzbot and disclosed on January 15, 2025. The issue stems from a forgotten MSG_PEEK case in the code that could lead to a kernel crash (NVD).
The vulnerability exists in the vlan_get_tci() function within the af_packet subsystem of the Linux kernel. The function incorrectly handled the MSG_PEEK case by modifying the skb (socket buffer) data, which could be accessed simultaneously by multiple CPUs. The issue manifests as a kernel panic with an 'skb_under_panic' error when attempting to manipulate the socket buffer. The vulnerability has a CVSS v3.1 base score of 5.5 (MEDIUM) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).
When exploited, this vulnerability can cause a denial of service condition through a kernel crash. The issue affects multiple versions of the Linux kernel, including versions from 4.19.320 to 6.13.x. The vulnerability requires local access and can disrupt system operations by triggering a kernel panic (NVD).
The vulnerability has been patched in the Linux kernel by reworking the vlan_get_tci() function to avoid modifying the skb data structure. The fix adds a const qualifier to the skb argument and changes how VLAN header information is accessed. Multiple Linux distributions have released updates incorporating this fix, including Debian with version 6.1.6.1.128-1~deb11u1 (Debian Update).
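The difference between the two approaches can be shown with a simplified user-space model, added here as an illustration and not taken from the kernel patch. The `struct pkt` type, its fields, and the function names are hypothetical stand-ins for the socket buffer and its accessors, and the sample frame is constructed.

```c
#include <stdint.h>
#include <string.h>
enum { LL_HLEN = 14, VLAN_HLEN = 4 };  /* Ethernet header, VLAN tag */

/* User-space model of a socket buffer; names are hypothetical. */
struct pkt {
    uint8_t buf[64];
    size_t total;     /* valid bytes in buf */
    size_t mac_off;   /* start of the link-layer header */
    size_t data_off;  /* read position shared by every reader */
};

/* "Before" shape: rewinds the shared read position and restores it later.
 * A concurrent MSG_PEEK reader can observe the buffer between the writes. */
int tci_mutating(struct pkt *p, uint16_t *tci)
{
    size_t saved = p->data_off;
    int rc = -1;
    p->data_off = p->mac_off;                      /* "push" */
    if (p->total >= p->data_off + LL_HLEN + VLAN_HLEN) {
        const uint8_t *v = p->buf + p->data_off + LL_HLEN;
        *tci = (uint16_t)((v[0] << 8) | v[1]);
        rc = 0;
    }
    p->data_off = saved;                           /* "pull" */
    return rc;
}

/* "After" shape: const buffer, tag copied out at a computed offset with
 * a bounds check, so a peek writes nothing other CPUs can see. */
int tci_readonly(const struct pkt *p, uint16_t *tci)
{
    size_t off = p->mac_off + LL_HLEN;
    uint8_t tag[VLAN_HLEN];
    if (off > p->total || p->total - off < VLAN_HLEN)
        return -1;                                 /* truncated frame */
    memcpy(tag, p->buf + off, sizeof tag);
    *tci = (uint16_t)((tag[0] << 8) | tag[1]);     /* network byte order */
    return 0;
}

/* Constructed frame with TCI 0x2064 (priority 1, VLAN ID 100); returns the
 * TCI from the chosen path, or -1 when `total` is too short for a tag. */
int peek_tci(size_t total, int mutating)
{
    struct pkt p = { .total = total, .data_off = LL_HLEN + VLAN_HLEN };
    uint16_t tci = 0;
    p.buf[LL_HLEN] = 0x20; p.buf[LL_HLEN + 1] = 0x64;
    int rc = mutating ? tci_mutating(&p, &tci) : tci_readonly(&p, &tci);
    return rc == 0 ? (int)tci : -1;
}
```

Both paths return the same TCI on a well-formed frame, but only the read-only one can take a `const` pointer, which lets the compiler reject any later change that writes to the buffer on the peek path.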
Source: This report was generated using AI