CVE-2024-50158: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-50158 affects the Linux kernel's RDMA/bnxtre driver. The vulnerability was discovered when parsing pacing stats, where the driver had a check for 'rdev->dbrpacing' without properly verifying if the adapter was GenP5 or P7, which are the only models that export pacing stats. This issue was disclosed on November 7, 2024, and affects Linux kernel versions from 6.6 up to 6.6.59 and from 6.7 up to 6.11.6 (NVD).

The vulnerability is classified as a slab-out-of-bounds issue in the bnxtregethwstats function of the RDMA/bnxt_re driver. When KASAN (Kernel Address Sanitizer) is enabled, it detected a write of size 8 at address ffff8885942a6340 by the modprobe task. The issue stems from improper bounds checking before accessing memory during pacing stats parsing. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD).

The vulnerability could lead to a slab-out-of-bounds memory access, potentially resulting in system crashes, memory corruption, or possible arbitrary code execution in the context of the kernel. This poses a significant risk to system stability and security (NVD).

The issue has been fixed by adding a proper check to verify if the adapter is GenP5 or P7 before accessing pacing stats. The fix involves modifying the condition to 'rdev->pacing.dbrpacing && bnxtqplibischipgenp5p7(rdev->chipctx)' in the driver code. The patch has been merged into the Linux kernel (Kernel Patch).