CVE-2024-50095

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.14.0-427.13.1.el9 4.x86 64

Description: The issue is related to the RDMA/mad component in the Linux kernel, where the current timeout handler of the mad agent acquires and releases the mad agent priv lock for every timed out WR, leading to heavy locking contention when handling a higher number of WRs. This can cause a softlockup in certain use cases where the rdma-cm path is used to establish connections between peer nodes. The estimated number of potentially affected devices is not specified.

Recommendations: For Linux kernel versions prior to 5.14.0-427.13.1.el9 4.x86 64, consider updating to a newer version that includes the fix for the RDMA/mad timeout handler issue. As a temporary workaround, there is no specific recommendation provided, but ensuring that the system is configured to minimize the impact of locking contention may help mitigate the risk. At the moment, there is no information about additional mitigation measures.