CVE-2024-50095: Improper Locking in Linux

CWE-667: Improper Locking | 78 documents | 8 sources
Severity
5.5 MEDIUM (NVD)
OSV: 8.8 | OSV: 7.8
EPSS
0.0%
top 99.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Nov 5
Latest update: Jan 12

Description

In the Linux kernel, the following vulnerability has been resolved:

RDMA/mad: Improve handling of timed out WRs of mad agent

Current timeout handler of mad agent acquires/releases mad_agent_priv lock for every timed out WRs. This causes heavy locking contention when higher no. of WRs are to be handled inside timeout handler.

This leads to softlockup with below trace in some use cases where rdma-cm path is used to establish connection between peer nodes

Trace:
BUG: soft lockup - CPU#4 stuck f

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 | Impact: 3.6

Affected Packages (10 packages)

NVD | linux/linux_kernel | 5.11 | 5.15.168 | +4
Debian | linux/linux_kernel | < 5.10.234-1 | +3
Ubuntu | linux/linux_kernel | < 5.15.0-127.137 | +5
CVEListV5 | linux/linux | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | 713adaf0ecfc49405f6e5d9e409d984f628de818 | +6
debian | debian/linux | < linux 6.1.115-1 (bookworm)

Patches

🔴 Vulnerability Details (38)

OSV | linux-iot vulnerabilities | 2026-01-12
OSV | linux-raspi, linux-raspi-5.4 vulnerabilities | 2026-01-06
OSV | linux-oracle-5.4 vulnerabilities | 2025-12-19
OSV | linux-azure-fips vulnerabilities | 2025-12-16
OSV | linux-azure-fips vulnerabilities | 2025-12-16

📋 Vendor Advisories (39)

Ubuntu | Linux kernel (IoT) vulnerabilities | 2026-01-12
Ubuntu | Linux kernel (Raspberry Pi) vulnerabilities | 2026-01-06
Ubuntu | Linux kernel (Oracle) vulnerabilities | 2025-12-19
Ubuntu | Linux kernel (Azure FIPS) vulnerabilities | 2025-12-16
Ubuntu | Linux kernel (Azure) vulnerabilities | 2025-12-16
CVE-2024-50095 — Improper Locking in Linux | cvebase