CVE-2024-50207: 
Linux Kernel vulnerability analysis and mitigation

In the Linux kernel, a vulnerability (CVE-2024-50207) was discovered in the ring-buffer subsystem. The issue exists in the ringbuffersubbuforderset() function, which updates each ringbufferper_cpu and installs new sub buffers that match the requested page order. The vulnerability was disclosed on November 8, 2024, affecting Linux kernel versions from 6.8 up to (excluding) 6.11.6, as well as versions 6.12-rc1, 6.12-rc2, and 6.12-rc3 (NVD).

The vulnerability stems from a lack of proper synchronization in the ringbuffersubbuforderset() function. This operation can be invoked concurrently with readers that rely on modified data, such as the head bit (RBPAGEHEAD), or the ringbufferpercpu.pages and readerpage pointers. However, no exclusive access is acquired by ringbuffersubbuforderset(). The CVSS v3.1 base score is 5.5 (Medium), with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

When exploited, modifying the mentioned data while a reader also operates on them can result in incorrect memory access and various crashes. This can lead to system instability and potential denial of service conditions (Kernel Patch).

The issue has been fixed by taking the readerlock when updating a specific ringbufferpercpu in ringbuffersubbuforderset(). The fix is available in Linux kernel version 6.11.6 and later. Users are advised to upgrade to the patched versions (Kernel Patch).