CVE-2024-50073: 
Linux Kernel vulnerability analysis and mitigation

A use-after-free vulnerability was discovered in the Linux kernel's TTY GSM line discipline (n_gsm) driver, specifically in the gsm_cleanup_mux function (CVE-2024-50073). The vulnerability was discovered in October 2024 and affects Linux kernel versions up to 6.1.114, from 6.2 up to 6.6.58, and from 6.7 up to 6.11.5 (NVD).

The vulnerability occurs in the gsm_cleanup_mux function within drivers/tty/n_gsm.c. When a discard request needs to be retried, and that retry fails before a new special payload is added, a double free can result. The issue specifically involves gsm_msg objects on the tx_ctrl_list or tx_data_list of gsm_mux that can be freed by multiple threads through ioctl operations. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (High) with vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD).

The vulnerability could allow an attacker with local access to cause a use-after-free condition, potentially leading to privilege escalation, denial of service, or arbitrary code execution in the context of the kernel (NVD).

The vulnerability has been fixed by adding proper locking mechanisms using gsm tx lock to protect the gsm_msg objects during cleanup operations. The fix has been implemented in the kernel source code and is available through various distribution updates. Users should update their Linux kernel to the latest patched version (Kernel Patch).