A recent vulnerability (CVE-2024-53229) was identified in the RDMA/rxe area (Remote Direct Memory Access / Soft RoCE) of the Linux kernel. It concerns the qp (queue pair) flush warnings in req that appear when the qp is in the error state. In that state, the status of the WQEs (Work Queue Entries) in the queue must be set to error. Otherwise, the system displays a series of warning messages like those shown below.

The warning messages displayed when the vulnerability occurs look like this:

[  920.617269] WARNING: CPU: 1 PID: 21 at drivers/infiniband/sw/rxe/rxe_comp.c:756 rxe_completer+0x989/0xcc [rdma_rxe]
...
[  920.627522]  handle_softirqs+0xc2/0x250
[  920.627728]  ? sort_range+0x20/0x20
[  920.627942]  run_ksoftirqd+0x1f/0x30
[  920.628158]  smpboot_thread_fn+0xc7/0x1b
[  920.628334]  kthread+0xd6/0x100
[  920.628504]  ? kthread_complete_and_exit+0x20/0x20
[  920.628709]  ret_from_fork+0x1f/0x30
[  920.628892]  </TASK>
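
One way to check a host's kernel log for this warning, as an added example (not part of the original advisory or of the kernel patch): the Python script below scans dmesg-style text for WARNING headers raised from rxe_completer in rxe_comp.c and summarizes them. The function names and the sample log are constructed for illustration; only the first sample line is taken from the excerpt above.

```python
import re
from collections import Counter

# Header of a kernel WARNING splat: timestamp, CPU, PID, file:line, symbol, optional module.
WARN_RE = re.compile(
    r"\[\s*(?P<ts>\d+\.\d+)\]\s+WARNING: CPU: (?P<cpu>\d+) PID: (?P<pid>\d+) at "
    r"(?P<file>\S+):(?P<line>\d+) (?P<sym>[\w.]+)\+\S*(?: \[(?P<mod>\w+)\])?"
)

def find_rxe_flush_warnings(log_text):
    """Return one dict per WARNING raised from rxe_completer in rxe_comp.c."""
    hits = []
    for raw in log_text.splitlines():
        m = WARN_RE.search(raw)
        if not m:
            continue  # stack frames and unrelated messages
        # Match on file and symbol; the source line number differs between kernel builds.
        if m["file"].endswith("sw/rxe/rxe_comp.c") and m["sym"] == "rxe_completer":
            hits.append({"ts": float(m["ts"]), "cpu": int(m["cpu"]),
                         "pid": int(m["pid"]), "line": int(m["line"]),
                         "module": m["mod"]})
    return hits

def summarize(hits):
    """Count hits per CPU and report the time span (seconds) they cover."""
    if not hits:
        return {"count": 0, "per_cpu": {}, "span_s": 0.0}
    ts = [h["ts"] for h in hits]
    return {"count": len(hits),
            "per_cpu": dict(Counter(h["cpu"] for h in hits)),
            "span_s": round(max(ts) - min(ts), 6)}

# Constructed sample: line 1 is from the excerpt above; the rest are made up
# (a repeat on another CPU, a stack frame, and an unrelated placeholder warning).
SAMPLE_LOG = """\
[  920.617269] WARNING: CPU: 1 PID: 21 at drivers/infiniband/sw/rxe/rxe_comp.c:756 rxe_completer+0x989/0xcc [rdma_rxe]
[  920.627522]  handle_softirqs+0xc2/0x250
[  920.700000] WARNING: CPU: 0 PID: 15 at drivers/infiniband/sw/rxe/rxe_comp.c:756 rxe_completer+0x989/0xcc [rdma_rxe]
[  921.000000] WARNING: CPU: 0 PID: 4321 at kernel/example/placeholder.c:10 example_fn+0x10/0x40
"""

if __name__ == "__main__":
    found = find_rxe_flush_warnings(SAMPLE_LOG)
    for h in found:
        print(f"t={h['ts']:.6f}s cpu={h['cpu']} pid={h['pid']} rxe_comp.c:{h['line']}")
    print(summarize(found))
```

On a live system the same functions can be fed the text of the kernel log instead of SAMPLE_LOG; a non-zero count indicates a kernel that still lacks the fix.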

The Linux kernel patch that addresses this vulnerability can be found in the official Linux repository on GitHub.

Exploit Details

The main reason for this vulnerability is that when the qp (queue pair) is in error state, the status of WQEs in the queue was not set to error. This results in warning messages being displayed while the system continues to operate. The patch addresses this issue by ensuring that WQEs are properly set to error status when the qp is in error state.

Conclusion

In summary, the vulnerability identified as CVE-2024-53229 in the Linux kernel has been resolved by a patch that fixes the qp flush warnings in req. Users affected by this issue should update their Linux kernel to the latest version or apply the relevant patch.

Timeline

Published on: 12/27/2024 14:15:31 UTC
Last modified on: 01/23/2025 17:15:14 UTC