[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-56633":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":18,"aliases":19,"duplicate_of":9,"upstream":20,"downstream":21,"duplicates":128,"related":129,"reserved_at":9,"published_at":148,"modified_at":149,"state":150,"summary":151,"references_raw":160,"kevs":199,"epss":200,"epss_history":203,"metrics":469,"affected":475},"CVE-2024-56633","In the Linux kernel, the following vulnerability has been resolved:\n\ntcp_bpf: Fix the sk_mem_uncharge logic in tcp_bpf_sendmsg\n\nThe current sk memory accounting logic in __SK_REDIRECT is pre-uncharging\ntosend bytes, which is either msg->sg.size or a smaller value apply_bytes.\n\nPotential problems with this strategy are as follows:\n\n- If the actual sent bytes are smaller than tosend, we need to charge some\n  bytes back, as in line 487, which is okay but seems not clean.\n\n- When tosend is set to apply_bytes, as in line 417, and (ret \u003C 0), we may\n  miss uncharging (msg->sg.size - apply_bytes) bytes.\n\n[...]\n415 tosend = msg->sg.size;\n416 if (psock->apply_bytes && psock->apply_bytes \u003C tosend)\n417   tosend = psock->apply_bytes;\n[...]\n443 sk_msg_return(sk, msg, tosend);\n444 release_sock(sk);\n446 origsize = msg->sg.size;\n447 ret = tcp_bpf_sendmsg_redir(sk_redir, redir_ingress,\n448                             msg, tosend, flags);\n449 sent = origsize - msg->sg.size;\n[...]\n454 lock_sock(sk);\n455 if (unlikely(ret \u003C 0)) {\n456   int free = sk_msg_free_nocharge(sk, msg);\n458   if (!cork)\n459     *copied -= free;\n460 }\n[...]\n487 if (eval == __SK_REDIRECT)\n488   sk_mem_charge(sk, tosend - sent);\n[...]\n\nWhen running the selftest test_txmsg_redir_wait_sndmem with txmsg_apply,\nthe following warning will be reported:\n\n------------[ cut here ]------------\nWARNING: CPU: 6 PID: 57 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x190/0x1a0\nModules linked in:\nCPU: 6 UID: 0 PID: 57 Comm: kworker/6:0 Not tainted 6.12.0-rc1.bm.1-amd64+ #43\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014\nWorkqueue: events sk_psock_destroy\nRIP: 0010:inet_sock_destruct+0x190/0x1a0\nRSP: 0018:ffffad0a8021fe08 EFLAGS: 00010206\nRAX: 0000000000000011 RBX: ffff9aab4475b900 RCX: ffff9aab481a0800\nRDX: 0000000000000303 RSI: 0000000000000011 RDI: ffff9aab4475b900\nRBP: ffff9aab4475b990 R08: 0000000000000000 R09: ffff9aab40050ec0\nR10: 0000000000000000 R11: ffff9aae6fdb1d01 R12: ffff9aab49c60400\nR13: ffff9aab49c60598 R14: ffff9aab49c60598 R15: dead000000000100\nFS:  0000000000000000(0000) GS:ffff9aae6fd80000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007ffec7e47bd8 CR3: 00000001a1a1c004 CR4: 0000000000770ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n\u003CTASK>\n? __warn+0x89/0x130\n? inet_sock_destruct+0x190/0x1a0\n? report_bug+0xfc/0x1e0\n? handle_bug+0x5c/0xa0\n? exc_invalid_op+0x17/0x70\n? asm_exc_invalid_op+0x1a/0x20\n? inet_sock_destruct+0x190/0x1a0\n__sk_destruct+0x25/0x220\nsk_psock_destroy+0x2b2/0x310\nprocess_scheduled_works+0xa3/0x3e0\nworker_thread+0x117/0x240\n? __pfx_worker_thread+0x10/0x10\nkthread+0xcf/0x100\n? __pfx_kthread+0x10/0x10\nret_from_fork+0x31/0x40\n? __pfx_kthread+0x10/0x10\nret_from_fork_asm+0x1a/0x30\n\u003C/TASK>\n---[ end trace 0000000000000000 ]---\n\nIn __SK_REDIRECT, a more concise way is delaying the uncharging after sent\nbytes are finalized, and uncharge this value. When (ret \u003C 0), we shall\ninvoke sk_msg_free.\n\nSame thing happens in case __SK_DROP, when tosend is set to apply_bytes,\nwe may miss uncharging (msg->sg.size - apply_bytes) bytes. The same\nwarning will be reported in selftest.\n\n[...]\n468 case __SK_DROP:\n469 default:\n470 sk_msg_free_partial(sk, msg, tosend);\n471 sk_msg_apply_bytes(psock, tosend);\n472 *copied -= (tosend + delta);\n473 return -EACCES;\n[...]\n\nSo instead of sk_msg_free_partial we can do sk_msg_free here.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"NVD-CWE-NOINFO","Insufficient Information","NVD uses this CWE ID when there is insufficient information to assign a specific CWE.","placeholder","NVD-Reserved",[],[],[],[],[22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110,112,114,116,118,120,122,124,126],{"_key":23},"SUSE-SU-2025:01983-1",{"_key":25},"SUSE-SU-2025:0564-1",{"_key":27},"SUSE-SU-2025:0834-1",{"_key":29},"SUSE-SU-2025:1293-1",{"_key":31},"SUSE-SU-2025:0847-1",{"_key":33},"SUSE-SU-2025:0856-1",{"_key":35},"SUSE-SU-2025:0955-1",{"_key":37},"DLA-4075-1",{"_key":39},"DLA-4076-1",{"_key":41},"SUSE-SU-2025:20190-1",{"_key":43},"SUSE-SU-2025:20192-1",{"_key":45},"SUSE-SU-2025:20260-1",{"_key":47},"SUSE-SU-2025:20270-1",{"_key":49},"SUSE-SU-2025:4189-1",{"_key":51},"MGASA-2025-0030",{"_key":53},"MGASA-2025-0032",{"_key":55},"DEBIAN-CVE-2024-56633",{"_key":57},"RHSA-2026:18134",{"_key":59},"USN-7379-1",{"_key":61},"USN-7381-1",{"_key":63},"USN-7382-1",{"_key":65},"USN-7387-1",{"_key":67},"USN-7387-2",{"_key":69},"USN-7387-3",{"_key":71},"USN-7388-1",{"_key":73},"USN-7389-1",{"_key":75},"USN-7390-1",{"_key":77},"USN-7391-1",{"_key":79},"USN-7392-1",{"_key":81},"USN-7392-2",{"_key":83},"USN-7392-3",{"_key":85},"USN-7392-4",{"_key":87},"USN-7393-1",{"_key":89},"USN-7401-1",{"_key":91},"USN-7407-1",{"_key":93},"USN-7413-1",{"_key":95},"USN-7421-1",{"_key":97},"USN-7449-1",{"_key":99},"USN-7449-2",{"_key":101},"USN-7450-1",{"_key":103},"USN-7451-1",{"_key":105},"USN-7452-1",{"_key":107},"USN-7453-1",{"_key":109},"USN-7458-1",{"_key":111},"USN-7459-1",{"_key":113},"USN-7459-2",{"_key":115},"USN-7463-1",{"_key":117},"USN-7468-1",{"_key":119},"USN-7523-1",{"_key":121},"USN-7524-1",{"_key":123},"USN-7539-1",{"_key":125},"USN-7540-1",{"_key":127},"UBUNTU-CVE-2024-56633",[],[130,131,132,133,134,136,138,139,140,141,142,143,144,145,146,147],{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":135},"USN-7379-2",{"_key":137},"USN-7380-1",{"_key":31},{"_key":33},{"_key":35},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},"2024-12-27T15:02:31.273Z","2026-05-11T20:56:15.744Z","Modified",{"cisa_kev":152,"cisa_ransomware":152,"cisa_vendor":9,"epss_severity":153,"epss_score":154,"severity":155,"severity_score":156,"severity_version":157,"severity_source":158,"severity_vector":159,"severity_status":150},false,"low",0.00022,"high",7.8,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[161,167,171,175,179,183,187,191,195],{"url":162,"sources":163,"tags":165},"https://git.kernel.org/stable/c/905d82e6e77d16ec3e089c92b7b59a14899dfc1a",[164,158],"cve.org",[166],"Patch",{"url":168,"sources":169,"tags":170},"https://git.kernel.org/stable/c/dbedc7e142df5ea238a46fdd7462c1c42cd36a10",[164,158],[166],{"url":172,"sources":173,"tags":174},"https://git.kernel.org/stable/c/0d6cd1151e26fc7c2d5daa85e8984aaa685a1a12",[164,158],[166],{"url":176,"sources":177,"tags":178},"https://git.kernel.org/stable/c/456f08d24afa51b5eb816c42e4ca1c44a247bd42",[164,158],[166],{"url":180,"sources":181,"tags":182},"https://git.kernel.org/stable/c/206d56f41a1509cadd06e2178c26cb830e45057d",[164,158],[166],{"url":184,"sources":185,"tags":186},"https://git.kernel.org/stable/c/5c9e3bb43a354a2245caebbbbb4a5b8c034fdd56",[164,158],[166],{"url":188,"sources":189,"tags":190},"https://git.kernel.org/stable/c/ca70b8baf2bd125b2a4d96e76db79375c07d7ff2",[164,158],[166],{"url":192,"sources":193,"tags":194},"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html",[164,158],[],{"url":196,"sources":197,"tags":198},"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html",[164,158],[],[],{"date":201,"score":154,"percentile":202},"2026-06-04",0.06541,[204,208,211,214,217,220,223,226,229,232,235,238,241,244,247,251,254,257,260,263,265,268,271,274,277,280,282,285,288,291,294,297,300,303,306,309,312,316,319,322,325,328,331,334,337,340,343,346,349,352,354,357,360,363,366,369,372,375,378,381,384,387,390,393,396,399,402,405,408,411,414,417,420,423,426,429,431,434,437,439,442,445,448,451,453,456,459,462,464,467],{"date":205,"score":206,"percentile":207},"2025-11-04",0.00034,0.09025,{"date":209,"score":206,"percentile":210},"2025-11-05",0.09037,{"date":212,"score":206,"percentile":213},"2025-11-06",0.09161,{"date":215,"score":206,"percentile":216},"2025-11-07",0.09178,{"date":218,"score":206,"percentile":219},"2025-11-08",0.09177,{"date":221,"score":206,"percentile":222},"2025-11-09",0.09146,{"date":224,"score":206,"percentile":225},"2025-11-10",0.091,{"date":227,"score":206,"percentile":228},"2025-11-11",0.09126,{"date":230,"score":206,"percentile":231},"2025-11-12",0.0916,{"date":233,"score":206,"percentile":234},"2025-11-13",0.09201,{"date":236,"score":206,"percentile":237},"2025-11-14",0.09245,{"date":239,"score":206,"percentile":240},"2025-11-15",0.09272,{"date":242,"score":206,"percentile":243},"2025-11-16",0.09276,{"date":245,"score":206,"percentile":246},"2025-11-17",0.09265,{"date":248,"score":249,"percentile":250},"2025-11-18",0.00065,0.15922,{"date":252,"score":249,"percentile":253},"2025-11-19",0.15933,{"date":255,"score":249,"percentile":256},"2025-11-20",0.15916,{"date":258,"score":206,"percentile":259},"2025-11-21",0.09337,{"date":261,"score":206,"percentile":262},"2025-11-22",0.09304,{"date":264,"score":206,"percentile":243},"2025-11-23",{"date":266,"score":206,"percentile":267},"2025-11-24",0.09258,{"date":269,"score":206,"percentile":270},"2025-11-25",0.09246,{"date":272,"score":206,"percentile":273},"2025-11-26",0.09254,{"date":275,"score":206,"percentile":276},"2025-11-27",0.09266,{"date":278,"score":206,"percentile":279},"2025-11-28",0.09248,{"date":281,"score":206,"percentile":243},"2025-11-29",{"date":283,"score":206,"percentile":284},"2025-11-30",0.09283,{"date":286,"score":206,"percentile":287},"2025-12-01",0.09327,{"date":289,"score":206,"percentile":290},"2025-12-02",0.0934,{"date":292,"score":206,"percentile":293},"2025-12-03",0.09364,{"date":295,"score":206,"percentile":296},"2025-12-04",0.09361,{"date":298,"score":206,"percentile":299},"2025-12-05",0.09419,{"date":301,"score":206,"percentile":302},"2025-12-06",0.0943,{"date":304,"score":206,"percentile":305},"2025-12-07",0.09434,{"date":307,"score":206,"percentile":308},"2025-12-08",0.09441,{"date":310,"score":206,"percentile":311},"2025-12-09",0.09498,{"date":313,"score":314,"percentile":315},"2025-12-10",0.00041,0.12412,{"date":317,"score":314,"percentile":318},"2025-12-11",0.12438,{"date":320,"score":314,"percentile":321},"2025-12-12",0.12481,{"date":323,"score":314,"percentile":324},"2025-12-13",0.12498,{"date":326,"score":314,"percentile":327},"2025-12-14",0.1248,{"date":329,"score":314,"percentile":330},"2025-12-15",0.12431,{"date":332,"score":314,"percentile":333},"2025-12-16",0.12403,{"date":335,"score":314,"percentile":336},"2025-12-17",0.12491,{"date":338,"score":314,"percentile":339},"2025-12-18",0.12573,{"date":341,"score":314,"percentile":342},"2025-12-19",0.12584,{"date":344,"score":314,"percentile":345},"2025-12-20",0.12581,{"date":347,"score":314,"percentile":348},"2025-12-21",0.12566,{"date":350,"score":314,"percentile":351},"2025-12-22",0.12527,{"date":353,"score":314,"percentile":351},"2025-12-23",{"date":355,"score":314,"percentile":356},"2025-12-24",0.12538,{"date":358,"score":314,"percentile":359},"2025-12-25",0.12607,{"date":361,"score":314,"percentile":362},"2025-12-26",0.12592,{"date":364,"score":314,"percentile":365},"2025-12-27",0.12595,{"date":367,"score":314,"percentile":368},"2025-12-28",0.1258,{"date":370,"score":314,"percentile":371},"2025-12-29",0.12472,{"date":373,"score":314,"percentile":374},"2025-12-30",0.1245,{"date":376,"score":314,"percentile":377},"2025-12-31",0.12494,{"date":379,"score":314,"percentile":380},"2026-01-01",0.12525,{"date":382,"score":314,"percentile":383},"2026-01-02",0.125,{"date":385,"score":314,"percentile":386},"2026-01-03",0.12469,{"date":388,"score":314,"percentile":389},"2026-01-04",0.12399,{"date":391,"score":314,"percentile":392},"2026-01-05",0.12343,{"date":394,"score":314,"percentile":395},"2026-01-06",0.12358,{"date":397,"score":314,"percentile":398},"2026-01-07",0.1239,{"date":400,"score":314,"percentile":401},"2026-01-08",0.12436,{"date":403,"score":314,"percentile":404},"2026-01-09",0.12457,{"date":406,"score":314,"percentile":407},"2026-01-10",0.12483,{"date":409,"score":314,"percentile":410},"2026-01-11",0.12454,{"date":412,"score":314,"percentile":413},"2026-01-12",0.12428,{"date":415,"score":314,"percentile":416},"2026-01-13",0.12407,{"date":418,"score":314,"percentile":419},"2026-01-14",0.1247,{"date":421,"score":314,"percentile":422},"2026-01-15",0.12476,{"date":424,"score":314,"percentile":425},"2026-01-16",0.12523,{"date":427,"score":314,"percentile":428},"2026-01-17",0.12536,{"date":430,"score":314,"percentile":321},"2026-01-18",{"date":432,"score":314,"percentile":433},"2026-01-19",0.12432,{"date":435,"score":314,"percentile":436},"2026-01-20",0.12414,{"date":438,"score":314,"percentile":398},"2026-01-21",{"date":440,"score":314,"percentile":441},"2026-01-22",0.12373,{"date":443,"score":314,"percentile":444},"2026-01-23",0.12458,{"date":446,"score":314,"percentile":447},"2026-01-24",0.12511,{"date":449,"score":314,"percentile":450},"2026-01-25",0.12464,{"date":452,"score":314,"percentile":416},"2026-01-26",{"date":454,"score":314,"percentile":455},"2026-01-27",0.12392,{"date":457,"score":314,"percentile":458},"2026-01-28",0.12381,{"date":460,"score":314,"percentile":461},"2026-01-29",0.12364,{"date":463,"score":314,"percentile":458},"2026-01-30",{"date":465,"score":314,"percentile":466},"2026-01-31",0.12396,{"date":468,"score":314,"percentile":466},"2026-02-01",[470],{"source":158,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":471,"cvss_v4_0":9},{"baseScore":156,"baseSeverity":472,"vectorString":159,"impactScore":473,"exploitabilityScore":474},"HIGH",9.8,4.6,[476,508],{"ecosystem":9,"name":477,"vendor":478,"product":478,"cpe_part":479,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":480},"Linux","linux","a",[481,488,491,494,497,500,503,506],{"version":482,"is_range":483,"range_type":164,"version_start":484,"version_start_type":485,"version_end":486,"version_end_type":487,"fixed_in":9},">= 604326b41a6fb9b4a78b6179335decee0365cd8c, \u003C 905d82e6e77d16ec3e089c92b7b59a14899dfc1a",true,"604326b41a6fb9b4a78b6179335decee0365cd8c","including","905d82e6e77d16ec3e089c92b7b59a14899dfc1a","excluding",{"version":489,"is_range":483,"range_type":164,"version_start":484,"version_start_type":485,"version_end":490,"version_end_type":487,"fixed_in":9},">= 604326b41a6fb9b4a78b6179335decee0365cd8c, \u003C dbedc7e142df5ea238a46fdd7462c1c42cd36a10","dbedc7e142df5ea238a46fdd7462c1c42cd36a10",{"version":492,"is_range":483,"range_type":164,"version_start":484,"version_start_type":485,"version_end":493,"version_end_type":487,"fixed_in":9},">= 604326b41a6fb9b4a78b6179335decee0365cd8c, \u003C 0d6cd1151e26fc7c2d5daa85e8984aaa685a1a12","0d6cd1151e26fc7c2d5daa85e8984aaa685a1a12",{"version":495,"is_range":483,"range_type":164,"version_start":484,"version_start_type":485,"version_end":496,"version_end_type":487,"fixed_in":9},">= 604326b41a6fb9b4a78b6179335decee0365cd8c, \u003C 456f08d24afa51b5eb816c42e4ca1c44a247bd42","456f08d24afa51b5eb816c42e4ca1c44a247bd42",{"version":498,"is_range":483,"range_type":164,"version_start":484,"version_start_type":485,"version_end":499,"version_end_type":487,"fixed_in":9},">= 604326b41a6fb9b4a78b6179335decee0365cd8c, \u003C 206d56f41a1509cadd06e2178c26cb830e45057d","206d56f41a1509cadd06e2178c26cb830e45057d",{"version":501,"is_range":483,"range_type":164,"version_start":484,"version_start_type":485,"version_end":502,"version_end_type":487,"fixed_in":9},">= 604326b41a6fb9b4a78b6179335decee0365cd8c, \u003C 5c9e3bb43a354a2245caebbbbb4a5b8c034fdd56","5c9e3bb43a354a2245caebbbbb4a5b8c034fdd56",{"version":504,"is_range":483,"range_type":164,"version_start":484,"version_start_type":485,"version_end":505,"version_end_type":487,"fixed_in":9},">= 604326b41a6fb9b4a78b6179335decee0365cd8c, \u003C ca70b8baf2bd125b2a4d96e76db79375c07d7ff2","ca70b8baf2bd125b2a4d96e76db79375c07d7ff2",{"version":507,"is_range":152,"range_type":164,"version_start":507,"version_start_type":485,"version_end":507,"version_end_type":485,"fixed_in":9},"4.20",{"ecosystem":9,"name":509,"vendor":478,"product":510,"cpe_part":511,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":512},"linux kernel","linux_kernel","o",[513,517,521,525,529,533,537],{"version":514,"is_range":483,"range_type":515,"version_start":507,"version_start_type":485,"version_end":516,"version_end_type":487,"fixed_in":9},"gte4.20_lt5.4.287","cpe","5.4.287",{"version":518,"is_range":483,"range_type":515,"version_start":519,"version_start_type":485,"version_end":520,"version_end_type":487,"fixed_in":9},"gte5.5_lt5.10.231","5.5","5.10.231",{"version":522,"is_range":483,"range_type":515,"version_start":523,"version_start_type":485,"version_end":524,"version_end_type":487,"fixed_in":9},"gte5.11_lt5.15.174","5.11","5.15.174",{"version":526,"is_range":483,"range_type":515,"version_start":527,"version_start_type":485,"version_end":528,"version_end_type":487,"fixed_in":9},"gte5.16_lt6.1.120","5.16","6.1.120",{"version":530,"is_range":483,"range_type":515,"version_start":531,"version_start_type":485,"version_end":532,"version_end_type":487,"fixed_in":9},"gte6.2_lt6.6.66","6.2","6.6.66",{"version":534,"is_range":483,"range_type":515,"version_start":535,"version_start_type":485,"version_end":536,"version_end_type":487,"fixed_in":9},"gte6.7_lt6.12.5","6.7","6.12.5",{"version":538,"is_range":152,"range_type":515,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.13:rc1"]