CVE-2024-56783

MEDIUM 5.5

netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level

CVSS Score

5.5

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level cgroup maximum depth is INT_MAX by default, there is a cgroup toggle to restrict this maximum depth to a more reasonable value not to harm performance. Remove unnecessary WARN_ON_ONCE which is reachable from userspace.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Jan 8, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new medium vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

ace0db36b4a1db07a48517c4f04488d1cd05e5f5 < 7064a6daa4a700a298fe3aee11dea296bfe59fc4 f07e28e4c623168f9fa5c00f518bd341d4014aa6 < 2f9bec0a749eb646b384fde0c7b7c24687b2ffae 7f3287db654395f9c5ddd246325ff7889f550286 < e227c042580ab065edc610c9ddc9bea691e6fc4d 7f3287db654395f9c5ddd246325ff7889f550286 < b7529880cb961d515642ce63f9d7570869bbbdc3 ecc5368315af8473fe052cb928e53756dbfe4403

Linux / Linux

6.11

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/7064a6daa4a700a298fe3aee11dea296bfe59fc4 git.kernel.org: https://git.kernel.org/stable/c/2f9bec0a749eb646b384fde0c7b7c24687b2ffae git.kernel.org: https://git.kernel.org/stable/c/e227c042580ab065edc610c9ddc9bea691e6fc4d git.kernel.org: https://git.kernel.org/stable/c/b7529880cb961d515642ce63f9d7570869bbbdc3 lists.debian.org: https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html