CVE-2024-50146: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability in the Linux kernel's net/mlx5e driver has been identified and assigned CVE-2024-50146. The issue occurs when profile rollback fails in mlx5enetdevchange_profile, causing the netdev profile variable to be set to NULL. This vulnerability affects Linux kernel versions from 5.12 up to (excluding) 6.11.6 (NVD).

The vulnerability is triggered when the workqueue rescuer thread creation is interrupted (typically due to Ctrl+C-ing modprobe), which gets converted to ENOMEM (-12) by mlx5eprivinit. When this happens, the profile rollback also fails for the same reason (signal still active), leaving the profile as NULL. This leads to a NULL pointer dereference crash later in mlx5eremove when attempting to call profile->cleanup. The vulnerability has been assigned a CVSS v3.1 Base Score of 5.5 (MEDIUM) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

When exploited, this vulnerability results in a kernel NULL pointer dereference, which can cause a system crash (denial of service). The issue specifically affects systems using the Mellanox MLX5 network driver when attempting to unload the driver after a failed profile rollback (Kernel Patch).

The issue has been fixed in the Linux kernel through a patch that adds a NULL check before calling profile->cleanup in the driver's removal function. The fix has been backported to various stable kernel versions. Users should update their Linux kernel to a version that includes this fix (Kernel Patch).