CVE intelligence and bounded remediation
CVE-2024-50095 — Linux Linux Kernel security vulnerability
In the Linux kernel, the following vulnerability has been resolved: RDMA/mad: Improve handling of timed out WRs of mad agent Current timeout handler of mad agent acquires/releases mad_agent_priv lock for every timed out WRs. This causes heavy locking contention when higher no. of WRs are to be handled inside timeout handler. This leads to softlockup with below trace in some use cases where rdma-cm path is used to establish connection between peer nodes Trace: ----- BUG: soft lockup - CPU#4 stuck for 26s! [kworker/u128:3:19767] CPU: 4 PID: 19767 Comm: kworker/u128:3 Kdump: loaded Tainted: G OE ------- --- 5.14.0-427.13.1.el9_4.x86_64 #1 Hardware name: Dell Inc. PowerEdge R740/01YM03, BIOS 2.4.8 11/26/2019 Workqueue: ib_mad1 timeout_sends [ib_core] RIP: 0010:__do_softirq+0x78/0x2ac RSP: 0018:ffffb253449e4f98 EFLAGS: 00000246 RAX: 00000000ffffffff RBX: 0000000000000000 RCX: 000000000000001f RDX: 000000000000001d RSI: 000000003d1879ab RDI: fff363b66fd3a86b RBP: ffffb253604cbcd8 R08: 0000009065635f3b R09: 0000000000000000 R10: 0000000000000040 R11: ffffb253449e4ff8 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000040 FS: 0000000000000000(0000) GS:ffff…
- Severity
- Medium
- CVSS
- 5.5 (3.1)
- Published
- 2024-11-05
- CISA KEV
- Not currently listed
- Ecosystem
- linux/kernel
Affected products
- linux / linux_kernel
Matched remediation archetype
General vulnerability remediation
This catalog composition supplies bounded fallback guidance. Explicitly reviewed curated workflows load with the complete record below.
Check exposure
- Confirm the affected component, deployment paths, reachable interfaces, and enabled features from inventories and configuration, without probing production destructively.
- Compare the advisory's affected conditions with the repository lockfiles, build manifests, artifacts, and runtime inventory.
- Identify data sensitivity, trust boundaries, and privilege level for every confirmed affected deployment.
Remediate safely
- Apply a vendor-supported fix or remove the affected component or feature; record the selected change and its source in the repository.
- Update direct and transitive dependency locks, generated artifacts, deployment manifests, and asset inventories together.
- Add a regression test for the documented unsafe condition using inert inputs and preserve rollback instructions.
Authoritative sources
Complete CVE record and remediation plan
The detailed catalog view below loads this exact record, its source evidence, and the full seven-phase agentic change plan.