CVE-2024-42246: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-42246 affects the Linux kernel's network and sunrpc subsystems. The vulnerability was discovered in July 2024 and involves an infinite loop condition in the xstcpsetupsocket function when using a BPF program on kernelconnect(). This issue affects Linux kernel versions from 4.17 up to (excluding) 6.1.100, from 6.2 up to (excluding) 6.6.41, and from 6.7 up to (excluding) 6.9.10 (NVD).

The vulnerability occurs when a BPF program on kernelconnect() returns -EPERM, causing xstcpsetupsocket() to enter an infinite loop. This results in continuous syslog filling and potential kernel freeze. The issue stems from error handling in the network stack where -EPERM propagates up into layers not designed to handle it. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (MEDIUM) with vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H and is classified as CWE-835 (Loop with Unreachable Exit Condition) (NVD, Red Hat).

When exploited, this vulnerability can cause the kernel to potentially freeze up and fill the syslog with error messages, leading to a denial of service condition. The impact is primarily on system availability, with no direct effect on confidentiality or integrity (NVD).

The vulnerability has been patched by remapping the -EPERM error to -ECONNREFUSED, which is an error that upper layers are better equipped to handle. This fix has been implemented in various kernel versions and is being distributed through security updates. Red Hat has released fixes for affected versions in RHEL 8 and 9 through security advisories RHSA-2024:7001, RHSA-2024:7000, RHSA-2024:6997, and RHSA-2024:6744 (Red Hat).