CVE-2024-50020: 
Linux Kernel vulnerability analysis and mitigation

In the Linux kernel, a vulnerability (CVE-2024-50020) was discovered related to improper handling of reference counts in the icesriovsetmsixvec_count() function. The issue was identified and resolved in the Linux kernel versions from 6.7.10 up to (excluding) 6.8, and from 6.8 up to (excluding) 6.11.4, as well as release candidates 6.12-rc1 and 6.12-rc2 (NVD).

The vulnerability stems from two specific issues in the icesriovsetmsixveccount() function. First, when icegetvfbyid() is called, it increments the reference count of the vf pointer, but if icegetvfvsi() subsequently fails, the function returns an error without decrementing the reference count. Second, when icesriovget_irqs() is called and returns a negative value, the function again returns an error without decrementing the reference count, resulting in another reference count leak. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD, Kernel Patch).

The vulnerability leads to reference count leaks in the kernel's memory management system. These leaks can potentially result in resource exhaustion and system instability over time, as memory resources are not properly released (Kernel Patch).

The issue has been fixed through patches that properly handle reference counting by adding iceputvf(vf) calls before returning errors in the affected scenarios. The fix has been implemented in the kernel source code and is available through the stable kernel releases (Kernel Patch).