PT-2024-33988 · Linux+6 · Linux Kernel+6
Published: 2024-10-15 · Updated: 2025-10-03
CVE-2024-50155
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions:
Linux kernel versions prior to 6.6.61
Description:
A problem in the Linux kernel's netdevsim module has been fixed. The issue involves the nsim_dev_trap_report_work() function, where the use of cond_resched() and system_unbound_wq instead of the implicit system_wq resolves the problem. There have been reports of high CPU usage, with syzbot hinting that it might fool nsim_dev_trap_report_work() with hundreds of ports. The issue causes tasks to be blocked for more than 143 seconds.
Recommendations:
To resolve the issue, update the Linux kernel to version 6.6.61 or later. As a temporary workaround, consider disabling the nsim_dev_trap_report_work() function until a patch is available. Restrict access to the vulnerable netdevsim module to minimize the risk of exploitation. Avoid using the nsim_dev_trap_report() function in the affected API endpoint until the issue is resolved.
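One way to check a host against the recommendations above, as an added example that is not part of the advisory. The function names and sample inputs are hypothetical; it assumes GNU sort (for -V) and treats only a modprobe "install" override as blocking the module, since a "blacklist" line does not stop an explicit modprobe.

```shell
#!/bin/sh
# Added example (not from the advisory): triage a host for the netdevsim issue.
FIXED_VERSION="6.6.61"   # fixed version stated in the advisory

# Return 0 if kernel release $1 is older than FIXED_VERSION. Compares the
# upstream x.y.z only, so a vendor kernel carrying a backport still reports
# as older; confirm against the distribution's changelog.
kernel_older_than_fix() {
    rel=${1%%[-+]*}                      # 6.6.58-generic -> 6.6.58
    [ "$rel" != "$FIXED_VERSION" ] || return 1
    lowest=$(printf '%s\n%s\n' "$rel" "$FIXED_VERSION" | sort -V | head -n 1)
    [ "$lowest" = "$rel" ]
}

# Return 0 if module $1 is listed in /proc/modules-format text on stdin.
module_loaded() {
    awk -v m="$1" '$1 == m { found = 1 } END { exit !found }'
}

# Return 0 if modprobe.d-format text on stdin overrides loading of module $1.
module_load_blocked() {
    awk -v m="$1" '
        /^[[:space:]]*#/ { next }
        $1 == "install" && $2 == m && ($3 == "/bin/false" || $3 == "/bin/true") { blocked = 1 }
        END { exit !blocked }'
}

# Print a verdict from: kernel release, /proc/modules text, modprobe.d text.
triage() {
    if ! kernel_older_than_fix "$1"; then
        echo "patched"
    elif printf '%s\n' "$2" | module_loaded netdevsim; then
        echo "exposed"      # older kernel and netdevsim is loaded right now
    elif printf '%s\n' "$3" | module_load_blocked netdevsim; then
        echo "mitigated"    # older kernel, module absent and modprobe is overridden
    else
        echo "loadable"     # older kernel, module absent but can still be loaded
    fi
}

# Constructed sample inputs (not taken from a real host).
SAMPLE_MODULES='netdevsim 86016 0 - Live 0x0000000000000000
e1000 155648 0 - Live 0x0000000000000000'
SAMPLE_CONF='# keep the test driver off production hosts
blacklist netdevsim
install netdevsim /bin/false'
triage "6.6.58-generic" "$SAMPLE_MODULES" "$SAMPLE_CONF"
```

On a live host, pass "$(uname -r)", "$(cat /proc/modules)" and the concatenated contents of /etc/modprobe.d/*.conf as the three arguments.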
Affected Products
Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu