CVE-2024-50162

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.61

Description: The issue is related to the Linux kernel's BPF (Berkeley Packet Filter) functionality, specifically with the devmap redirect feature. When a BPF program is executed after a redirect via BPF MAP TYPE DEVMAP, it does not have access to the rxq (receive queue) pointer, which contains information about the device from where the redirect happened. This can lead to a NULL pointer dereference when trying to access the ingress ifindex, resulting in a kernel crash. The vulnerability is particularly problematic because it can be triggered by accessing the ingress ifindex in a BPF program.

Recommendations: To resolve the issue, update the Linux kernel to version 6.6.61 or later. As a temporary workaround, consider disabling the BPF program that is executed after a redirect via BPF MAP TYPE DEVMAP until a patch is available. Restrict access to the vulnerable BPF functionality to minimize the risk of exploitation. Avoid using the ingress ifindex variable in BPF programs until the issue is resolved.