CVE-2024-53211

Published: Dec 27, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: net/l2tp: fix warning in l2tp_exit_net found by syzbot In l2tp's net exit handler, we check that an IDR is empty before destroying it: WARN_ON_ONCE(!idr_is_empty(&pn->l2tp_tunnel_idr)); idr_destroy(&pn->l2tp_tunnel_idr); By forcing memory allocation failures in idr_alloc_32, syzbot is able to provoke a condition where idr_is_empty returns false despite there being no items in the IDR. This turns out to be because the radix tree of the IDR contains only internal radix-tree nodes and it is this that causes idr_is_empty to return false. The internal nodes are cleaned by idr_destroy. Use idr_for_each to check that the IDR is empty instead of idr_is_empty to avoid the problem.

Vendor	Product	Versions
Linux	Linux	affected `73d33bd063c4cfef3db17f9bec3d202928ed8631 - < a487cc8986d6dd75b60b59004f3bd2ea9b4dd541` affected `73d33bd063c4cfef3db17f9bec3d202928ed8631 - < 5d066766c5f1252f98ff859265bcd1a5b52ac46c`
Linux	Linux	affected `6.12` unaffected `0 - < 6.12` unaffected `6.12.2 - <= 6.12.` unaffected `6.13 - <= `

References

https://git.kernel.org/stable/c/a487cc8986d6dd75b60b59004f3bd2ea9b4dd541

https://git.kernel.org/stable/c/5d066766c5f1252f98ff859265bcd1a5b52ac46c

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-53211

Description

Affected Products

References