CVE-2024-35855

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.37

Description The issue is related to a use-after-free vulnerability in the Linux kernel, specifically in the mlxsw spectrum acl tcam module. This vulnerability occurs when the rule activity update delayed work accesses an entry that can be changed concurrently by the rehash delayed work, leading to a use-after-free condition. The fix involves closing the race and performing the activity query under the 'vregion->lock' mutex.

Recommendations To resolve this issue, update the Linux kernel to version 6.6.37 or later. As a temporary workaround, consider disabling the mlxsw sp acl tcam flower rule activity get function until a patch is available. Restrict access to the vulnerable module mlxsw spectrum acl tcam to minimize the risk of exploitation. Avoid using the ventry->entry parameter in the affected API endpoint until the issue is resolved.