Mondoo

Vulnerability Management
Technology
Services

Solutions

Financial Services
Manufacturing
Healthcare

Resources

Blog
Vulnerability Database
Documentation
GitHub

Company

About
Careers
Partners
Contact

Legal

Privacy
Terms
Imprint

Vulnerability IntelligenceCVE-2024-53164

CVE-2024-53164

MEDIUM5.5

net: sched: fix ordering of qlen adjustment

Published Dec 27, 2024

Modified 2 months ago

Details

In the Linux kernel, the following vulnerability has been resolved:

net: sched: fix ordering of qlen adjustment

Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen before a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become empty.

References

WEB

https://git.kernel.org/stable/c/33db36b3c53d0fda2699ea39ba72bee4de8336e8

WEB

https://git.kernel.org/stable/c/44782565e1e6174c94bddfa72ac7267cd09c1648

WEB

https://git.kernel.org/stable/c/489422e2befff88a1de52b2acebe7b333bded025

WEB

https://git.kernel.org/stable/c/5e473f462a16f1a34e49ea4289a667d2e4f35b52

WEB

https://git.kernel.org/stable/c/5eb7de8cd58e73851cd37ff8d0666517d9926948

WEB

https://git.kernel.org/stable/c/97e13434b5da8e91bdf965352fad2141d13d72d3

WEB

https://git.kernel.org/stable/c/e3e54ad9eff8bdaa70f897e5342e34b76109497f

WEB

https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html

WEB

https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2024-53164

CVSS Analysis

CVSS v3.1

5.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Ecosystems

Timeline

PublishedDec 27, 2024

ModifiedJan 5, 2026

CVE-2024-53164 | Mondoo Vulnerability Intelligence