CVE-2024-44974

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.50

Description The issue is related to the select local address() and select signal address() functions in the Linux kernel's mptcp component. These functions select an endpoint entry from a list inside an RCU protected section but return a reference to it, which can be read later. If the entry is dereferenced after the RCU unlock, it could cause a Use-after-Free, potentially affecting the confidentiality, integrity, and availability of protected information. A simple solution is to copy the required information while inside the RCU protected section to avoid any risk of Use-after-Free later.

Recommendations To resolve the issue, update the Linux kernel to version 6.6.50 or later. As a temporary workaround, consider modifying the select local address() and select signal address() functions to copy the required information while inside the RCU protected section. Restrict access to the vulnerable mptcp component to minimize the risk of exploitation until a patch is available.