CVE-2024-50085

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.12.0-rc2

Description: A use-after-free read vulnerability has been identified in the Linux kernel, specifically in the mptcp pm nl rm addr or subflow function. This issue was reported by Syzkaller and is related to a slab-use-after-free error in the net/mptcp/pm netlink.c file. The vulnerability occurs when the mptcp pm nl rm addr or subflow function attempts to access memory that has already been freed, leading to a potential crash or code execution. The mptcp pm nl rm addr or subflow function is called when removing an address or subflow, and the vulnerability is triggered when the genl family rcv msg doit function is invoked.

Recommendations: To resolve this issue, update the Linux kernel to a version that includes the fix for the mptcp: pm: fix UaF read in mptcp pm nl rm addr or subflow vulnerability. As a temporary workaround, consider disabling the mptcp pm nl rm addr or subflow function until a patch is available. However, this may have unintended consequences and should be approached with caution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.