CVE-2024-43887: 
Linux Kernel vulnerability analysis and mitigation

In the Linux kernel, a vulnerability (CVE-2024-43887) was discovered in the TCP Authentication Option (TCP-AO) implementation. The issue relates to the lifetime management of TCP-AO static keys, where the tcpaoinfo ceases to exist during socket destruction with RCU grace period, while the tcp-ao static branch undergoes deferred destruction (Kernel Patch).

The vulnerability stems from a race condition in the static key management. The static key definition DEFINESTATICKEYDEFERREDFALSE(tcpaoneeded, HZ) can lead to a situation where if the RCU grace period is delayed by more than a second and tcpaoneeded is being disabled, other CPUs may still see tcpaoinfo that is pending destruction. This breaks the assumption of statickeyfastincnot_disabled() and can result in a kernel bug. The issue was confirmed through testing on the netdev test-bot, manifesting as a fatal kernel bug with an invalid opcode (Kernel Patch).

The vulnerability can lead to a kernel crash (denial of service) when the race condition is triggered. This was demonstrated through a reproducible crash on the netdev test-bot, showing it's not just a theoretical issue but a practical concern for system stability (Kernel Patch).

The issue has been fixed in the Linux kernel through a patch that properly handles the TCP-AO static key lifetime. The fix involves restructuring the tcpaodestroy_sock function to ensure proper synchronization between the TCP-AO info destruction and static key management (Kernel Patch).