CVE-2024-49850: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-49850 affects the Linux kernel's BPF subsystem. The vulnerability involves a null pointer dereference in the bpfcorecalcreloinsn function when handling malformed BPFCORETYPEIDLOCAL relocation records that reference non-existing BTF types (NVD). The issue affects Linux kernel versions from 5.17 up to versions before 6.1.113, 6.6.54, 6.10.13, and 6.11.2.

The vulnerability occurs in the kernel's BPF subsystem when processing malformed relocation records. Specifically, when a BPFCORETYPEIDLOCAL relocation record references a non-existing BTF type, the function bpfcorecalcreloinsn would cause a null pointer dereference. The issue was fixed by adding proper type validation checks in the call stack before processing the relocation records. The vulnerability has been assigned a CVSS v3.1 Base Score of 5.5 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability can be exploited to cause a denial of service (system crash) through a null pointer dereference when malformed relocation records are passed from user space (NVD).

The vulnerability has been patched in Linux kernel versions 6.1.113, 6.6.54, 6.10.13, and 6.11.2. Users should upgrade to these or later versions. The fix involves adding proper type validation checks before processing relocation records (NVD, Kernel Patch).