CVE-2024-42145

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 30/07/2024
Last modified: 03/11/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

IB/core: Implement a limit on UMAD receive List

The existing behavior of ib_umad, which maintains received MAD packets in an unbounded list, poses a risk of uncontrolled growth. As user-space applications extract packets from this list, the rate of extraction may not match the rate of incoming packets, leading to potential list overflow.

To address this, we introduce a limit to the size of the list. After considering typical scenarios, such as OpenSM processing, which can handle approximately 100k packets per second, and the 1-second retry timeout for most packets, we set the list size limit to 200k. Packets received beyond this limit are dropped, assuming they are likely timed out by the time they are handled by user-space.

Notably, packets queued on the receive list due to reasons like timed-out sends are preserved even when the list is full.

Vulnerable products and versions

CPE | From | Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | | 4.19.318 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.20 (including) | 5.4.280 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.222 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.163 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.98 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.39 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.9.9 (excluding)