CVE-2024-50019: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-50019 affects the Linux kernel's kthread (kernel thread) subsystem. The vulnerability was discovered in September 2024 and publicly disclosed on October 21, 2024. It affects multiple versions of the Linux kernel from version 5.11 up to versions before 5.15.168, 6.1.113, 6.6.57, and 6.11.4 (NVD).

The vulnerability stems from unconditional kthread unparking behavior in the Linux kernel. When a kthread is already unparked, calling the unpark function is usually harmless as the wake-up is ignored due to the target not being in TASK_PARKED state. However, for per-CPU kthreads, the wake-up is preceded by a kthread_bind() call that expects the task to be inactive and in TASK_PARKED state. This mismatch triggers a warning when kthread_stop() is called on an unparked per-CPU kthread (Kernel Patch). The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (MEDIUM) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability can lead to a denial of service condition through system crashes when attempting to stop per-CPU kthreads that are already unparked. This primarily affects system stability and availability, with no direct impact on confidentiality or integrity (NVD).

The issue has been fixed in the Linux kernel through a patch that adds a check to skip unnecessary unparking while stopping a kthread. The fix involves checking the KTHREAD_SHOULD_PARK flag before proceeding with the unpark operation (Kernel Patch). Users should update to Linux kernel versions 5.15.168, 6.1.113, 6.6.57, or 6.11.4 or later to address this vulnerability.