CVE-2024-42080: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-42080 is a vulnerability in the Linux kernel's RDMA (Remote Direct Memory Access) subsystem, specifically in the restrack (Resource Tracking) component. The vulnerability was discovered and disclosed on July 29, 2024. It affects Linux kernel versions up to 5.15.162, from 5.16 to 6.1.97, from 6.2 to 6.6.37, and from 6.7 to 6.9.8 (NVD).

The vulnerability occurs when struct rdmarestrackentry's kernname is set to KBUILDMODNAME in ibcreateCQ(). If the module exits but fails to delete the rdmarestrackentry, it causes an invalid address access in rdmarestrackclean() when printing the owner of the rdmarestrackentry. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability can lead to a potential invalid address access, which could result in a denial of service condition on affected systems (Kernel Patch).

The vulnerability has been fixed in multiple Linux kernel versions. Ubuntu has released patches for various versions including 24.04 LTS (6.8.0-48.48), 22.04 LTS (5.15.0-121.131), and other affected versions. Users should update their systems to the patched versions (Ubuntu Security).