CVE-2024-50158

7.8 HIGH

📋 TL;DR

CVE-2024-50158 is an out-of-bounds write vulnerability in the Linux kernel's bnxt_re RDMA driver that could allow local attackers to cause kernel memory corruption. The vulnerability affects systems using Broadcom NetXtreme-E RDMA adapters with specific kernel versions. Attackers with local access could potentially crash the system or execute arbitrary code with kernel privileges.

💻 Affected Systems

Products:
  • Linux kernel with bnxt_re RDMA driver
Versions: Linux kernel versions containing vulnerable bnxt_re driver code (specific versions not specified in CVE, but patches available for multiple stable branches)
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with Broadcom NetXtreme-E GenP5 or P7 RDMA adapters. KASAN (Kernel Address Sanitizer) may be required to trigger the specific bug, but similar memory corruption could occur without KASAN.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case: Local privilege escalation to kernel mode, allowing complete system compromise, data theft, or persistent backdoor installation.

🟠 Likely Case: Kernel panic or system crash leading to denial of service, potentially requiring physical or remote console access to recover.

🟢 If Mitigated: Limited to denial of service if exploit attempts are detected and blocked by security controls.

🌐 Internet-Facing: LOW - Requires local access to the system; not directly exploitable over network.
🏢 Internal Only: MEDIUM - Local attackers or compromised user accounts could exploit this to escalate privileges or cause system instability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and knowledge of driver internals; KASAN detection suggests this was found through fuzzing or code review rather than active exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patched in Linux kernel stable commits: 05c5fcc1869a08e36a29691699b6534e5a00a82b, a9e6e7443922ac0a48243c35d03834c96926bff1, c11b9b03ea5252898f91f3388c248f0dc47bda52

Vendor Advisory: https://git.kernel.org/stable/c/05c5fcc1869a08e36a29691699b6534e5a00a82b

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix.
2. Check your distribution's security advisories for specific kernel packages.
3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable bnxt_re module

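Prevent the vulnerable RDMA driver from loading if it is not required

# Stop bnxt_re from being loaded automatically from now on
echo 'blacklist bnxt_re' >> /etc/modprobe.d/blacklist-bnxt_re.conf
# Unload the module now; this fails while the module is still in use
rmmod bnxt_re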

Restrict module loading

Prevent unauthorized loading of kernel modules

# Once set to 1, modules can be neither loaded nor unloaded until the next reboot
echo 'kernel.modules_disabled=1' >> /etc/sysctl.conf
sysctl -p

🧯 If You Can't Patch

  • Implement strict access controls to limit local user privileges
  • Monitor system logs for kernel panic or oops messages related to bnxt_re

🔍 How to Verify

Check if Vulnerable:

Check if bnxt_re module is loaded: lsmod | grep bnxt_re. Check kernel version against patched versions.

Check Version:

uname -r

Verify Fix Applied:

Verify that the kernel version includes one of the fix commits: run uname -r and check with your distribution vendor. Confirm the bnxt_re module version if available.
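
The loaded-module check above and the blacklist workaround can be combined into one exposure check. The script below is an added example, not part of the original advisory or the kernel project; the function name and the state labels are assumptions, and it separates a plain `blacklist` line (which only suppresses automatic, alias-based loading) from an `install bnxt_re /bin/false` override (which also refuses an explicit modprobe).

```shell
#!/bin/sh
# Added example. Classifies bnxt_re exposure from a /proc/modules-style file
# and a modprobe.d-style directory (both passed in, so samples can be used).
# Prints: loaded | blocked | autoload-only-blocked | loadable
bnxt_re_exposure() {
    modules_file=$1
    conf_dir=$2
    # A loaded module appears as the first field of a /proc/modules line.
    if awk '$1 == "bnxt_re" { hit = 1 } END { exit !hit }' "$modules_file"; then
        echo loaded
        return 0
    fi
    state=loadable
    for f in "$conf_dir"/*.conf; do
        [ -f "$f" ] || continue
        # "install bnxt_re /bin/false" makes modprobe run that command
        # instead of loading the module, so explicit modprobe is refused too.
        if awk '$1 == "install" && $2 == "bnxt_re" &&
                $3 ~ /^\/(usr\/)?bin\/(false|true)$/ { hit = 1 }
                END { exit !hit }' "$f"; then
            state=blocked
            break
        fi
        # "blacklist" only ignores the module aliases (automatic loading).
        if awk '$1 == "blacklist" && $2 == "bnxt_re" { hit = 1 }
                END { exit !hit }' "$f"; then
            state=autoload-only-blocked
        fi
    done
    echo "$state"
}

# Constructed sample, not taken from a real host.
demo=$(mktemp -d)
mkdir "$demo/modprobe.d"
echo 'bnxt_en 389120 0 - Live 0x0000000000000000' > "$demo/modules"
echo 'blacklist bnxt_re' > "$demo/modprobe.d/blacklist-bnxt_re.conf"
bnxt_re_exposure "$demo/modules" "$demo/modprobe.d"
rm -rf "$demo"
```

On a real host, pass /proc/modules and /etc/modprobe.d as the two arguments.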

📡 Detection & Monitoring

Log Indicators:

  • Kernel oops messages mentioning bnxt_re
  • KASAN error reports with slab-out-of-bounds
  • System crashes or panics when RDMA operations are performed

Network Indicators:

  • None - local vulnerability only

SIEM Query:

source="kernel" AND ("bnxt_re" OR "KASAN: slab-out-of-bounds")
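
The query above matches every kernel line that mentions bnxt_re, including routine driver messages, and every KASAN slab-out-of-bounds report regardless of module. The triage script below is an added example, not part of the original advisory; it attributes KASAN reports and oops dumps to the driver by the `[bnxt_re]` module tag, and its function names and all sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example. Counts kernel-log evidence for the indicators listed above.
# Reads log lines on stdin and prints one summary line.
triage_bnxt_re_log() {
    awk '
    # KASAN report header: attribute it by the [module] tag on the same line.
    /KASAN: slab-out-of-bounds/ {
        if (index($0, "[bnxt_re]")) kasan_drv++; else kasan_other++
        next
    }
    # Start and end of an oops dump.
    /Oops:|BUG: unable to handle|general protection fault/ {
        in_dump = 1; counted = 0; next
    }
    /---\[ end trace/ { in_dump = 0; next }
    # Faulting instruction inside the driver: count once per dump.
    in_dump && !counted && /RIP:/ && index($0, "[bnxt_re]") {
        oops_drv++; counted = 1; next
    }
    # Routine driver messages; "Modules linked in:" inside a dump is ignored.
    !in_dump && /bnxt_re/ { benign++ }
    END {
        printf "kasan_bnxt_re=%d oops_bnxt_re=%d kasan_other=%d benign_bnxt_re=%d\n",
               kasan_drv, oops_drv, kasan_other, benign
    }'
}

# Constructed log lines: function names, addresses and messages are made up.
sample_log() {
    cat <<'EOF'
[   12.200000] infiniband bnxt_re0: constructed device registration message
[   12.300000] bnxt_re: constructed module load message
[  901.000001] BUG: KASAN: slab-out-of-bounds in example_send+0x10/0x20 [bnxt_re]
[  901.000002] Write of size 8 at addr ffff888100000000 by task example/4242
[ 1500.000001] BUG: KASAN: slab-out-of-bounds in other_func+0x30/0x40 [other_mod]
[ 2000.000001] Oops: 0002 [#1] SMP
[ 2000.000002] Modules linked in: other_mod bnxt_re bnxt_en
[ 2000.000003] RIP: 0010:example_post+0x50/0x60 [bnxt_re]
[ 2000.000004] ---[ end trace 0000000000000000 ]---
EOF
}

sample_log | triage_bnxt_re_log
```

On a live system the same function can be fed from `dmesg` or `journalctl -k`.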
