CVE-2024-53224

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.14.0-162.6.1.el9 1.x86 64

Description A vulnerability in the Linux kernel has been resolved, specifically in the RDMA/mlx5 component. The issue involved moving events notifier registration to be after device registration and fixing a race between device deregistration and pkey change work. This ensured that no works were executed after the device had already unregistered, which could cause a panic. The vulnerability resulted in a kernel NULL pointer dereference.

Recommendations To resolve the issue, update the Linux kernel to a version later than 5.14.0-162.6.1.el9 1.x86 64. As a temporary workaround, consider disabling the mlx5 ib module until a patch is available. Restrict access to the vulnerable RDMA/mlx5 component to minimize the risk of exploitation. Avoid using the pkey change handler workqueue in the affected API endpoint until the issue is resolved.