CVE-2024-50039

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.58

Description: A vulnerability in the Linux kernel has been resolved, which allowed a host to be crashed using a TBF + SFQ combination with an STAB on SFQ. The issue arises because most qdiscs maintain their backlog using qdisc pkt len(skb) on the assumption it is invariant between the enqueue() and dequeue() handlers. The vulnerability can be exploited by syzbot, causing a kernel NULL pointer dereference. The estimated number of potentially affected devices worldwide is not specified.

Recommendations: To resolve the issue, update the Linux kernel to version 6.6.58 or later. As a temporary workaround, consider disabling the sfq dequeue() function until a patch is available. Restrict access to the vulnerable sch sfq module to minimize the risk of exploitation. Avoid using the TCA STAB parameter in the affected API endpoint until the issue is resolved.