CVE-2024-50161: 
Linux Debian vulnerability analysis and mitigation

In the Linux kernel, a vulnerability (CVE-2024-50161) was discovered in the BPF subsystem related to BTF (BPF Type Format) field handling. The issue occurs when trying to repeat BTF fields for an array of nested structs, where the code fails to check the remaining info_cnt. This vulnerability was disclosed on November 7, 2024, affecting Linux kernel versions from 6.11 through 6.11.6, and various release candidates of version 6.12 (NVD).

The vulnerability manifests when the value of ret * nelems is greater than BTFFIELDSMAX, leading to an array-index-out-of-bounds condition in the kernel/bpf/btf.c file. This results in a UBSAN (Undefined Behavior Sanitizer) warning. The issue stems from improper validation of array indices during BTF field parsing. The CVSS v3.1 base score is 5.5 (Medium), with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

When exploited, this vulnerability can cause an array-index-out-of-bounds condition, potentially leading to a denial of service (system crash) through accessing unmapped memory above the stack. The issue affects the system's stability and availability, though it does not appear to compromise confidentiality or integrity (NVD).

The vulnerability has been fixed by adding a check for the remaining infocnt in btfrepeat_fields() before repeating the BTF fields. The fix was implemented in kernel patch 797d73ee232dd1833dec4824bc53a22032e97c1c. Users are advised to upgrade to Linux kernel version 6.11.6 or later (Kernel Patch).