CVE-2024-50001

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.58

Description: The issue is related to the multi-packet WQE transmit code in the Linux kernel, which attempts to obtain a DMA mapping for the skb. This could fail under memory pressure when the IOMMU driver cannot allocate more memory for page tables. The code erroneously unmaps one entry from the sq's FIFO list of active mappings, potentially removing a required DMA mapping. This could lead to the IOMMU assuming a rogue DMA access, resulting in the PCI function being put in an error state, for example, on s390 systems. The erroneous behavior was observed in a stress-test environment that created memory pressure.

Recommendations: For Linux kernel versions prior to 6.6.58, update to version 6.6.58 or later to resolve the issue. As a temporary workaround, consider disabling the multi-packet WQE transmit functionality until a patch is available. Restrict access to the net/mlx5 module to minimize the risk of exploitation. Avoid using the skb variable in the affected code path until the issue is resolved.