PT-2024-33977 · Linux+6 · Linux Kernel+6
Published: 2024-11-07 · Updated: 2025-10-03
CVE-2024-50145
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions:
Linux kernel versions prior to 6.6.61
Description:
The issue is related to the handling of SKB allocation failures in the __octep_oq_process_rx() function. When build_skb() returns NULL due to a memory allocation failure, the function now handles it to avoid a NULL pointer dereference. During NAPI polling by the driver, if SKB allocation fails, packets are skipped and not processed or pushed up the network stack. A helper function is implemented to unmap/flush fragment buffers used by dropped packets, and an 'alloc_failures' counter is incremented to mark the error in driver statistics.
Recommendations:
For Linux kernel versions prior to 6.6.61, update to version 6.6.61 or later to resolve the issue. As a temporary workaround, consider disabling the __octep_oq_process_rx() function until a patch is available. Restrict access to the vulnerable module to minimize the risk of exploitation. Avoid using the build_skb() function in the affected API endpoint until the issue is resolved.
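The handling described in the Description, as an added user-space model in C; it is not the kernel driver's code. The ring layout and the names rx_queue, model_build_skb, release_bufs and process_rx are assumptions for illustration; only the NULL check, the release of a dropped packet's fragment buffers and the alloc_failures counter come from the description.

```c
#include <stdlib.h>
#define RING_SIZE 16
/* One RX buffer slot; nfrags is meaningful only on a packet's first buffer. */
struct rx_buf { int mapped; int nfrags; };
struct rx_queue { struct rx_buf ring[RING_SIZE]; unsigned int head;
                  unsigned long packets, alloc_failures; };
static int fail_on_call = -1, alloc_calls;  /* fault injection, model only */

/* Stand-in for build_skb(): NULL models a failed allocation. */
static void *model_build_skb(void)
{
    return (++alloc_calls == fail_on_call) ? NULL : malloc(1);
}

/* Unmap n buffers and advance past them so the ring index stays in sync. */
static void release_bufs(struct rx_queue *q, int n)
{
    while (n-- > 0) {
        q->ring[q->head].mapped = 0;
        q->head = (q->head + 1) % RING_SIZE;
    }
}

/* Poll up to budget packets; returns how many were delivered. */
static int process_rx(struct rx_queue *q, int budget)
{
    int delivered = 0;
    for (int i = 0; i < budget; i++) {
        int nfrags = q->ring[q->head].nfrags;
        release_bufs(q, 1);                 /* head buffer of this packet */
        void *skb = model_build_skb();
        if (!skb) {                         /* NULL check: skip, never dereference */
            q->alloc_failures++;            /* visible in statistics */
            release_bufs(q, nfrags);        /* drop: unmap and skip its fragments */
            continue;
        }
        release_bufs(q, nfrags);            /* model of attaching the fragments */
        free(skb);                          /* model of passing it up the stack */
        q->packets++; delivered++;
    }
    return delivered;
}

/* Constructed sample: packets with 0, 2 and 1 fragments; 2nd allocation fails. */
int main(void)
{
    struct rx_queue q = { .ring = { {1,0}, {1,2}, {1,0}, {1,0}, {1,1}, {1,0}, {1,0} } };
    fail_on_call = 2;
    return (process_rx(&q, 3) == 2 && q.alloc_failures == 1 && q.head == 6) ? 0 : 1;
}
```

Without the release on the drop path, the ring index would stop at the dropped packet's fragments and the next poll would treat a fragment as a packet header.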
NULL Pointer Dereference
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu