CVE-2024-50293: 
Linux Kernel vulnerability analysis and mitigation

In the Linux kernel, a vulnerability was discovered in the net/smc subsystem where a dangling pointer could be left in __smc_create() function. The issue was identified when syzbot found that smc_create must clear sock->sk on failure. This vulnerability was assigned CVE-2024-50293 and affects Linux kernel versions from 6.11 up to (excluding) 6.11.8, and various 6.12 release candidates (rc1 through rc6) (NVD).

The vulnerability occurs in the __smc_create() function where upon failure, the socket's sk pointer was not being cleared after releasing the allocated sk object. This could lead to a dangling pointer scenario. The issue was discovered thanks to commit 4bbd360a5084 which added printing functionality for pf->create() when it does not clear sock->sk on failure. The vulnerability has been assigned a CVSS v3.1 Base Score of 7.8 (HIGH) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD).

The vulnerability could potentially lead to use-after-free conditions, which could result in system crashes (denial of service) or potentially allow an attacker to execute arbitrary code with elevated privileges. The high CVSS score indicates significant potential impact on the confidentiality, integrity, and availability of the affected system (NVD).

The vulnerability has been fixed in the Linux kernel through commit d293958a8595ba566fb90b99da4d6263e14fee15. The fix involves explicitly clearing the sock->sk pointer when an error occurs in __smc_create(). Users should update their Linux kernel to a patched version (Kernel Patch).