CVE-2024-49980

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.58

Description: A vulnerability in the Linux kernel has been resolved by reverting a commit that removed unnecessary RCU-bh critical section protection. The dev queue xmit nit function is expected to be called with BH disabled, and the dev queue xmit function has a lock to prevent soft irqs for various locks below and stops preemption for RCU. The referenced commit removed this protection, triggering a lockdep warning due to inconsistent lock state. The warning indicates a possible unsafe locking scenario that could lead to a deadlock.

Recommendations: To resolve the issue, update to Linux kernel version 6.6.58 or later. As a temporary workaround, consider disabling the vrf module until a patch is available. Restrict access to the dev queue xmit nit function to minimize the risk of exploitation. Avoid using the rcu read lock bh function in the affected code path until the issue is resolved.