CVE-2024-50005: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-50005 affects the Linux kernel's mac802154 subsystem, specifically in the mac802154scanworker function. The vulnerability was discovered in October 2024 and involves an illegal RCU (Read-Copy-Update) dereference issue where the scan_req->type field was accessed after the RCU read-side critical section was unlocked (NVD). The vulnerability affects Linux kernel versions from 6.5 up to 6.6.55, 6.7 up to 6.10.14, and 6.11 up to 6.11.3.

The vulnerability stems from a violation of RCU usage rules in the mac802154scanworker function. The scan_req->type field was being accessed after the RCU read-side critical section was unlocked, which is illegal according to RCU usage rules. This can lead to unpredictable behavior, such as accessing memory that has been updated or causing use-after-free issues. The issue was identified using a static analysis tool specifically designed to detect RCU-related issues. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD).

The vulnerability can lead to unpredictable system behavior, including potential memory access issues and use-after-free conditions. This could result in system crashes or potentially allow for privilege escalation in the Linux kernel (NVD).

The vulnerability has been patched by storing the scanreq->type value in a local variable scanreqtype while still within the RCU read-side critical section. The scanreq_type is then used after the RCU lock is released, ensuring that the type value is safely accessed without violating RCU rules. Users should update their Linux kernel to versions 6.6.55, 6.10.14, or 6.11.3 or later, depending on their kernel branch (Kernel Patch).