CVE-2024-35890: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-35890 is a vulnerability discovered in the Linux kernel's Generic Receive Offload (GRO) feature. The issue was identified and fixed in March 2024, affecting the kernel's network packet processing functionality. The vulnerability occurs when packets processed with a fragment list are not properly handled during the ownership transfer process (Kernel Git).

The vulnerability stems from an improper ownership transfer in the GRO feature where packets with fraglist might be segmented later in the network stack. In skbsegmentlist, skbs can be reused as-is, but their destructor was removed in skbgroreceivelist while retaining the reference to their socket, preventing them from being properly orphaned. This leads to a kernel BUG in skborphan when attempting to process these packets (Kernel Git).

When exploited, this vulnerability can trigger a kernel BUG at include/linux/skbuff.h:3131 during packet processing, specifically in the ip6rcvcore function. This can lead to system stability issues and potential denial of service conditions (Red Hat CVE).

The issue has been fixed by modifying the ownership transfer process in both skbgroreceive and skbgroreceive_list functions. The fix involves removing both the destructor and the socket reference during packet processing. Red Hat has released security updates for affected versions of Red Hat Enterprise Linux (Red Hat Advisory).