CVE-2024-50095

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Nov 5, 2024

Updated: Nov 12, 2024

Summary

CVE-2024-50095 is a vulnerability in the Linux kernel's RDMA/mad subsystem. The issue lies in the handling of timed-out WRs (Write Requests) of mad agents, which can cause heavy locking contention and result in softlockups. The previous timeout handler acquires and releases the mad_agent_priv lock for every timed-out WR, leading to performance degradation. The vulnerability can be resolved by implementing a simplified timeout handler that creates a local list of timed-out WRs and invokes the send handler post creating the list, reducing locking contention when processing a high number of WRs.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/ztyf9_
https://www.cve.org/CVERecord?id=CVE-2024-50095
https://nvd.nist.gov/vuln/detail/CVE-2024-50095

Back to Vulnerability Database

CVE-2024-50095

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations