CVE-2024-50047: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-50047 is a Use-After-Free (UAF) vulnerability discovered in the Linux kernel's SMB client implementation. The vulnerability affects the async decryption functionality when performing large read operations. The issue was identified and reported in October 2024, affecting Linux kernel versions up to 6.6.57 and versions from 6.7 up to 6.11.4 (NVD).

The vulnerability occurs in the SMB client's async decryption process where a Transform Frame Manager (TFM) is being used in parallel, leading to a slab-use-after-free condition in the crypto API. The issue can be triggered when mounting a CIFS share with specific options and performing large file reads. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating local access requirements but high impact potential (NVD).

The vulnerability can lead to system crashes due to use-after-free conditions in the kernel's crypto API during SMB operations. When exploited, it could potentially allow an attacker to execute code with elevated privileges, cause denial of service, or access sensitive information, as indicated by the high confidentiality, integrity, and availability impact ratings in the CVSS score (NVD).

The vulnerability has been fixed by allocating a new AEAD TFM specifically for async decryption while maintaining the existing one for synchronous READ operations. The fix also removes unnecessary callback and wait request operations. The patch has been incorporated into multiple kernel versions and is available through various distribution updates (Kernel Patch).