PT-2024-33958 · Linux+7 · Linux Kernel+7
Published 2024-10-23 · Updated 2025-10-03 · CVE-2024-50126
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions:
Linux kernel versions prior to 6.6.61
Description:
A use-after-free vulnerability has been identified in the Linux kernel, specifically in the taprio_dump() function. This issue can be triggered when the taprio_dump() function is called, potentially leading to a slab-use-after-free error. The vulnerability was discovered on a KASAN-enabled arm64 system and is fixed by adding an RCU read-side critical section to the taprio_dump() function. Technical details include the involvement of the tc_fill_qdisc(), qdisc_notify.isra.0(), and tc_modify_qdisc() functions, as well as the rtnetlink_rcv_msg() and netlink_unicast() functions. The taprio_dump+0xa0c/0xbb0 call trace is also mentioned.
Recommendations:
To resolve this issue, update the Linux kernel to version 6.6.61 or later. As a temporary workaround, consider disabling the taprio_dump() function until a patch is available. Restrict access to the vulnerable taprio_dump() function to minimize the risk of exploitation. Avoid using the taprio_dump() function in the affected API endpoints until the issue is resolved.
Exploit
Fix
LPE
Use After Free
Double Free
Affected Products
Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu