CVE-2024-50145

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> octeon_ep: Add SKB allocation failures handling in __octep_oq_process_rx()<br /> <br /> build_skb() returns NULL in case of a memory allocation failure so handle<br /> it inside __octep_oq_process_rx() to avoid NULL pointer dereference.<br /> <br /> __octep_oq_process_rx() is called during NAPI polling by the driver. If<br /> skb allocation fails, keep on pulling packets out of the Rx DMA queue: we<br /> shouldn&amp;#39;t break the polling immediately and thus falsely indicate to the<br /> octep_napi_poll() that the Rx pressure is going down. As there is no<br /> associated skb in this case, don&amp;#39;t process the packets and don&amp;#39;t push them<br /> up the network stack - they are skipped.<br /> <br /> Helper function is implemented to unmmap/flush all the fragment buffers<br /> used by the dropped packet. &amp;#39;alloc_failures&amp;#39; counter is incremented to<br /> mark the skb allocation error in driver statistics.<br /> <br /> Found by Linux Verification Center (linuxtesting.org) with SVACE.