CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-50095: RDMA/mad: Improve handling of timed out WRs of mad agent

5.5 CVSS

Description

In the Linux kernel, the following vulnerability has been resolved:

RDMA/mad: Improve handling of timed out WRs of mad agent

Current timeout handler of mad agent acquires/releases mad_agent_priv
lock for every timed out WRs. This causes heavy locking contention
when higher no. of WRs are to be handled inside timeout handler.

This leads to softlockup with below trace in some use cases where
rdma-cm path is used to establish connection between peer nodes

Trace:
-----
BUG: soft lockup - CPU#4 stuck for 26s! [kworker/u128:3:19767]
CPU: 4 PID: 19767 Comm: kworker/u128:3 Kdump: loaded Tainted: G OE
------- --- 5.14.0-427.13.1.el9_4.x86_64 #1
Hardware name: Dell Inc. PowerEdge R740/01YM03, BIOS 2.4.8 11/26/2019
Workqueue: ib_mad1 timeout_sends [ib_core]
RIP: 0010:__do_softirq+0x78/0x2ac
RSP: 0018:ffffb253449e4f98 EFLAGS: 00000246
RAX: 00000000ffffffff RBX: 0000000000000000 RCX: 000000000000001f
RDX: 000000000000001d RSI: 000000003d1879ab RDI: fff363b66fd3a86b
RBP: ffffb253604cbcd8 R08: 0000009065635f3b R09: 0000000000000000
R10: 0000000000000040 R11: ffffb253449e4ff8 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000040
FS: 0000000000000000(0000) GS:ffff8caa1fc80000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fd9ec9db900 CR3: 0000000891934006 CR4: 00000000007706e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR...

Classification

CVE ID: CVE-2024-50095

CVSS Base Severity: MEDIUM

CVSS Base Score: 5.5

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.03% (probability of being exploited)

EPSS Percentile: 6.63% (scored less or equal to compared to others)

EPSS Date: 2025-06-02 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2024-50095
https://git.kernel.org/stable/c/713adaf0ecfc49405f6e5d9e409d984f628de818
https://git.kernel.org/stable/c/7022a517bf1ca37ef5a474365bcc5eafd345a13a
https://git.kernel.org/stable/c/e80eadb3604a92d2d086e956b8b2692b699d4d0a
https://git.kernel.org/stable/c/a195a42dd25ca4f12489687065d00be64939409f
https://git.kernel.org/stable/c/3e799fa463508abe7a738ce5d0f62a8dfd05262a
https://git.kernel.org/stable/c/2a777679b8ccd09a9a65ea0716ef10365179caac

Timeline

2025-03-06 09:45:24 UTC
Tenable Plugins

Linux Distros Unpatched Vulnerability : CVE-2024-50095
2025-05-04 10:40:21 UTC
CVE

RDMA/mad: Improve handling of timed out WRs of mad agent