PT-2024-34054 · Linux+2 · Linux Kernel+2

Jann Horn · Published 2024-10-28 · Updated 2025-05-26 · CVE-2024-50220

CVSS v3.1: 4.7 (Medium)
Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: The issue arises during the fork operation in the Linux kernel, where the virtual memory address space may be placed into an inconsistent state before the operation is complete. If an error occurs during the fork operation, it may indicate that the virtual memory address space is invalidated. To address this, the fork logic has been updated to defer certain operations until the end of the fork process and to invoke them only if no error occurred. Specifically, the dup_userfaultfd_complete() function, which invokes registered handlers for the UFFD_EVENT_FORK event and clears down userfaultfd_fork_ctx objects, is problematic because it may expose the virtual address space to external machinery that is not designed to handle incomplete states. A new function, dup_userfaultfd_fail(), has been implemented to roll back state and perform memory freeing duties in case of a fork error.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Time Of Check To Time Of Use

Weakness Enumeration

Related Identifiers

BDU:2026-04403
CVE-2024-50220
OESA-2025-1097
OPENSUSE-SU-2024:14500-1
OPENSUSE-SU-2025:14705-1
USN-7276-1
USN-7277-1
USN-7310-1
USN-7449-1
USN-7449-2
USN-7450-1
USN-7451-1
USN-7452-1
USN-7453-1
USN-7468-1
USN-7523-1
USN-7524-1

Affected Products

Linux Mint
Linux Kernel
Ubuntu