CVE-2024-53215: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-53215 affects the Linux kernel's RDMA (Remote Direct Memory Access) transport module. The vulnerability was discovered when residual nodes remain in the 'percpucounters' list if CONFIGHOTPLUGCPU is enabled, occurring after the module is removed. If CONFIGHOTPLUG_CPU is not enabled, it results in memory leakage. The issue was disclosed in December 2024 and affects Linux kernel versions from 5.12 up to versions before 5.15.174, 6.1.120, 6.6.64, and 6.11.11 (NVD).

The vulnerability occurs in the svcrdma module's initialization function (svcrdmaprocinit). When registersysctl() returns NULL, the svcrdmaproccleanup() function fails to destroy the percpu counters that were initialized in svcrdmaprocinit(). This leads to either residual nodes in the percpu_counters list or memory leakage depending on the kernel configuration. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability can result in a denial of service (system crash) through a page fault when the module is removed if CONFIGHOTPLUGCPU is enabled. In configurations where CONFIGHOTPLUGCPU is not enabled, it causes memory leakage in the system (Kernel Patch).

The vulnerability has been patched in the Linux kernel by modifying the svcrdmaprocinit() function to properly destroy all percpu counters when registersysctl() returns NULL. The fix has been backported to affected stable kernel versions. Users should update to Linux kernel versions 5.15.174, 6.1.120, 6.6.64, or 6.11.11 or later (NVD).