CVE-2024-50304: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-50304 addresses a vulnerability in the Linux kernel's IPv4 tunnel implementation, specifically in the iptunnelfind() function. The issue was discovered in November 2024 and affects Linux kernel versions from 3.10.12 up to (excluding) 6.11.7, as well as various 6.12 release candidates (rc1 through rc6) (NVD).

The vulnerability involves suspicious RCU (Read-Copy-Update) usage in the iptunnelfind() function within the IPv4 tunnel implementation. The per-netns IP tunnel hash table is protected by the RTNL mutex and iptunnelfind() is only called from the control path where the mutex is taken. The issue manifests as a suspicious RCU usage warning in the kernel when traversing RCU-protected lists in non-reader sections. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (MEDIUM) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability primarily affects system availability. Based on the CVSS score and vector, while there is no impact on confidentiality or integrity, the vulnerability can lead to high impact on system availability through local access (NVD).

The vulnerability has been fixed by adding a lockdep expression to hlistforeachentryrcu() in iptunnelfind() to validate that the mutex is held and silence the suspicious RCU usage warning. The fix has been implemented in various Linux kernel versions through patches. Debian has addressed this in version 6.1.128-1 for bullseye and version 5.10.234-1 for other distributions (Kernel Patch).