CVE-2024-50169: 
Linux Kernel vulnerability analysis and mitigation

In the Linux kernel, a vulnerability (CVE-2024-50169) has been identified and resolved in the vsock subsystem. The issue involves improper handling of rxbytes on readskb() operations, where virtiotransportincrxpkt() and virtiotransportdecrxpkt() calls were not properly balanced. This vulnerability affects Linux kernel versions from 6.4 up to (excluding) 6.6.59, and from 6.7 up to (excluding) 6.11.6, as well as version 6.12 release candidates (rc1, rc2, rc3) (NVD).

The vulnerability stems from a failure to update rxbytes after a packet is dequeued in the vsock transport implementation. This leads to a warning condition during SOCKSTREAM recv() operations where the rxqueue is empty but rxbytes remains non-zero. The issue manifests as a warning message: 'rxqueue is empty, but rxbytes is non-zero' followed by a CPU warning at net/vmwvsock/virtiotransport_common.c:589. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability can lead to inconsistent state tracking in the vsock subsystem, potentially causing system warnings and affecting the reliability of socket communications. While the immediate impact appears to be limited to system warnings and potential denial of service conditions, it does not appear to enable unauthorized access or data manipulation (NVD).

The vulnerability has been fixed through a patch that ensures proper balance between virtiotransportincrxpkt() and virtiotransportdecrxpkt() calls. The fix also includes informing the peer about freed up space and available credit. Users are advised to upgrade to Linux kernel versions 6.6.59, 6.11.6, or later to address this vulnerability (Kernel Patch).