PT-2024-8532 · Linux+6 · Linux Kernel+6

Published: 2024-10-25 · Updated: 2026-03-13 · CVE-2024-50226

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.6.61

Description

The issue is a use-after-free bug in the cxl/port module of the Linux kernel. It occurs when a region is established with multiple endpoint decoders that share a common switch-decoder and the decoder is removed out of order: the region cleanup is aborted, leaving the region referencing a stale decoder object. The vulnerability may allow an attacker to impact the confidentiality, integrity, and availability of protected information. The fix recognizes that the CXL specification does not mandate in-order shutdown of switch-decoders and always removes the objects so that none are left dangling.

Recommendations

To resolve the issue, update the Linux kernel to version 6.6.61 or later. As a temporary workaround, consider disabling the `cxl_decoder_reset()` function until a patch is available. Restrict access to the vulnerable `cxl_region_decode_reset()` function to minimize the risk of exploitation. Avoid using the `cxl_port_attach_region()` function with multiple endpoint decoders that share a common switch-decoder until the issue is resolved.

Exploit

Fix

DoS

Use After Free

Weakness Enumeration

Related Identifiers

ALSA-2024:10274
ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2024-17211
ALT-PU-2024-17891
ALT-PU-2025-12647
BDU:2024-10098
CVE-2024-50226
ECHO-1D8F-E5F7-0034
INFSA-2024_10274
MGASA-2024-0368
MGASA-2024-0369
OESA-2024-2522
OPENSUSE-SU-2024:14500-1
OPENSUSE-SU-2025:14705-1
RHSA-2024:10274
RHSA-2024_10274
USN-7276-1
USN-7277-1
USN-7310-1
USN-7449-1
USN-7449-2
USN-7450-1
USN-7451-1
USN-7452-1
USN-7453-1
USN-7468-1
USN-7523-1
USN-7524-1

Affected Products

Alt Linux
Almalinux
Debian
Linuxmint
Linux Kernel
Red Hat
Ubuntu