CVE-2024-35959

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.8.0-rc3 net next 841a9b5

Description The vulnerability is related to the net/mlx5e component of the Linux kernel. When mlx5e priv init() fails, the cleanup flow calls mlx5e selq cleanup(), which in turn calls mlx5e selq apply() that assures the priv->state lock is held using lockdep is held(). However, the state lock is not acquired in mlx5e selq cleanup(), leading to a potential issue. The kernel log indicates a suspicious RCU usage, and the stack backtrace points to the mlx5e selq apply() function. The vulnerability may allow an attacker to cause a denial of service.

Recommendations To resolve the issue, acquire the state lock in mlx5e selq cleanup() to ensure proper synchronization. As a temporary workaround, consider disabling the mlx5e selq cleanup() function until a patch is available. Restrict access to the vulnerable mlx5e module to minimize the risk of exploitation. Avoid using the priv->state lock variable in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.