CVE-2024-43853: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-43853 is a Use-After-Free (UAF) vulnerability discovered in the Linux kernel's cgroup/cpuset subsystem, specifically in the proccpusetshow() function. The vulnerability was identified when reading /proc/cpuset and affects Linux kernel versions from 4.6 up to versions before 6.1.103, 6.6.44, and 6.10.3 (NVD).

The vulnerability occurs due to a race condition between unmounting operations and reading /proc/cpuset. When the cpuset is initialized, the root node topcpuset.css.cgrp points to &cgrpdflroot.cgrp. In cgroup v1, mounting operations allocate cgrouproot, and topcpuset.css.cgrp points to the allocated &cgrouproot.cgrp. During unmount, topcpuset.css.cgrp is rebound to &cgrpdflroot.cgrp, but the cgrouproot allocated for cgroup v1 might be cached and subsequently freed, leading to a Use-After-Free condition. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability can lead to a Use-After-Free condition when accessing the cgroup subsystem, potentially resulting in system crashes or denial of service. The impact is primarily focused on system availability, with no direct impact on confidentiality or integrity (NVD).

The vulnerability has been fixed by implementing RCU locking mechanisms in proccpusetshow(). The fix uses rcureadlock() and replaces taskgetcss with task_css, ensuring safe access to the cgroup structure. The patch has been integrated into various kernel versions. Users should update to Linux kernel versions 6.1.103, 6.6.44, 6.10.3 or later to mitigate this vulnerability (Kernel Patch).