CVE-2024-41007: tcp: avoid too many retransmit packets

Published Jul 15, 2024
·
Updated

In the Linux kernel, the following vulnerability has been resolved:

tcp: avoid too many retransmit packets

If a TCP socket is using TCPUSERTIMEOUT, and the other peer retracted its window to zero, tcpretransmittimer() can retransmit a packet every two jiffies (2 ms for HZ=1000), for about 4 minutes after TCPUSERTIMEOUT has 'expired'.

The fix is to make sure tcprtxprobe0timedout() takes icsk->icskusertimeout into account.

Before blamed commit, the socket would not timeout after icsk->icskusertimeout, but would use standard exponential backoff for the retransmits.

Also worth noting that before commit e89688e3e978 ("net: tcp: fix unexcepted socket die when sndwnd is 0"), the issue would last 2 minutes instead of 4.

Affected Software

13 affected componentsFixes available
redhat/kernel<6.10
6.10
Linux Linux kernel>=4.19<5.4.280
Linux Linux kernel>=5.5<5.10.222
Linux Linux kernel>=5.11<5.15.163
Linux Linux kernel>=5.16<6.1.100
Linux Linux kernel>=6.2<6.6.41
Linux Linux kernel>=6.7<6.9.10
IBM Security Verify Governance<=ISVG 10.0.2
IBM Security Verify Governance, Identity Manager Software Stack<=ISVG 10.0.2
IBM Security Verify Governance, Identity Manager Virtual Appliance<=ISVG 10.0.2
IBM Security Verify Governance Identity Manager Container<=ISVG 10.0.2
debian/linux
5.10.223-15.10.234-16.1.129-16.1.135-16.12.25-16.12.27-1
debian/linux-6.1
6.1.129-1~deb11u1

Remediation

Patch Available

https://git.kernel.org/stable/c/04317a2471c2f637b4c49cbd0e9c0d04a519f570

Patch Available

https://git.kernel.org/stable/c/5d7e64d70a11d988553a08239c810a658e841982

Patch Available

https://git.kernel.org/stable/c/66cb64a1d2239cd0309f9b5038b05462570a5be1

Patch Available

https://git.kernel.org/stable/c/7bb7670f92bfbd05fc41a8f9a8f358b7ffed65f4

Patch Available

https://git.kernel.org/stable/c/97a9063518f198ec0adb2ecb89789de342bb8283

Patch Available

https://git.kernel.org/stable/c/d2346fca5bed130dc712f276ac63450201d52969

Patch Available

https://git.kernel.org/stable/c/dfcdd7f89e401d2c6616be90c76c2fac3fa98fde

Patch Available

https://git.kernel.org/stable/c/e113cddefa27bbf5a79f72387b8fbd432a61a466

Patch Available

https://git.kernel.org/linus/b701a99e431db784714c32fc6b68123045714679

Patch Available

https://git.kernel.org/linus/97a9063518f198ec0adb2ecb89789de342bb8283

Event History

Jul 15, 2024
CVE Published
via MITRE·08:48 AM
Data Sourced
via MITRE·08:48 AM
Description
Data Sourced
via NVD·09:15 AM
RemedyDescriptionSeverityAffected Software
May 3, 2025
Data Sourced
via Ubuntu·06:21 AM
RemedyDescriptionSeverityAffected Software

Parent advisories

This vulnerability appears in the following advisories.

Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is the severity of CVE-2024-41007?

CVE-2024-41007 is a medium severity vulnerability in the Linux kernel.

2

How do I fix CVE-2024-41007?

To remediate CVE-2024-41007, upgrade the kernel to version 6.10 or the specific patched versions listed for your distribution.

3

Which Linux kernel versions are affected by CVE-2024-41007?

CVE-2024-41007 affects multiple Linux kernel versions, specifically those between 4.19 and 6.10.

4

What is the impact of CVE-2024-41007?

The impact of CVE-2024-41007 involves excessive retransmit packets from TCP sockets, potentially leading to network performance issues.

5

Is CVE-2024-41007 related to TCP sockets?

Yes, CVE-2024-41007 specifically concerns the behavior of TCP sockets using TCP_USER_TIMEOUT.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203