CVE-2024-49856: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-49856 affects the Linux kernel's x86/sgx subsystem, specifically related to NUMA node search functionality. The vulnerability was discovered and disclosed in October 2024, affecting Linux kernel versions from 5.13 up to (excluding) 6.11.2. The issue exists in the SGX (Software Guard Extensions) NUMA node allocation mechanism (NVD).

The vulnerability stems from a deadlock condition in the SGX NUMA node search functionality. When the current node lacks an EPC (Enclave Page Cache) section configured by firmware and all other EPC sections are exhausted, the CPU can become indefinitely stuck in a while loop that searches for available EPC pages from remote nodes. This occurs because nidofcurrent will never equal nid in the loop, as nidofcurrent is not set in sgxnumamask. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium) with vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability can lead to a denial of service condition through a soft lockup of the CPU. While the issue affects system availability, it does not compromise confidentiality or integrity. The impact is limited to systems using Intel SGX technology with NUMA configurations (NVD).

The vulnerability has been patched by reworking the loop to start and end on a node that has SGX memory, avoiding the deadlock condition. The fix has been implemented across multiple Linux kernel versions, including 5.15.0-127.137 for Ubuntu 22.04 LTS and various other distributions. System administrators should update their kernel to the patched versions (Ubuntu).