CVE-2024-57890 is a vulnerability identified in the Linux kernel's RDMA (Remote Direct Memory Access) subsystem, specifically within the uverbs (user verbs) interface. The issue arises due to integer overflow risks in calculations involving user-supplied 32-bit unsigned integer values. The vulnerability centers on two multiplication operations: first, the product of cmd.wqe_size and cmd.wr_count, and second, the product of cmd.sge_count and the size of the ib_uverbs_sge structure. Both cmd.wqe_size and cmd.wr_count are user-controlled u32 values, and their multiplication can result in integer wrapping (overflow), which may lead to incorrect memory size calculations. This incorrect size is then passed to the function uverbs_request_next_ptr(), which also performs comparisons that could be compromised by the overflow. On 32-bit systems, the multiplication involving cmd.sge_count can also overflow, whereas on 64-bit systems it is safe due to larger integer capacity. The patch addressing this vulnerability rearranges the conditional checks in uverbs_request_next_ptr() to isolate the user-controlled variable without additional arithmetic, and replaces all relevant multiplications with a safer size_mul() function that includes overflow checks. This prevents integer wrapping and the associated risks. The vulnerability is significant because it involves user-controlled inputs that can lead to memory mismanagement, potentially enabling out-of-bounds memory access, data corruption, or denial of service. However, as of the published date, no known exploits are reported in the wild.

For European organizations, the impact of CVE-2024-57890 depends largely on their use of Linux systems with RDMA capabilities, particularly those leveraging the uverbs interface for high-performance computing, storage, or networking applications. RDMA is commonly used in data centers, cloud infrastructure, and enterprise environments to facilitate low-latency, high-throughput communication. An integer overflow in this context could allow an attacker with local user privileges or access to the RDMA interface to cause memory corruption, potentially leading to system crashes (denial of service) or escalation of privileges if exploited further. This could disrupt critical services, especially in sectors relying on high-performance computing clusters, financial services, telecommunications, and research institutions. Given the widespread deployment of Linux in European IT infrastructure, the vulnerability poses a risk to confidentiality, integrity, and availability of systems if left unpatched. However, exploitation requires interaction with the RDMA subsystem and user-level access, which somewhat limits the attack surface to environments where untrusted users have such access.

European organizations should prioritize patching Linux kernels to versions that include the fix for CVE-2024-57890. Specifically, they should ensure that all systems using RDMA and uverbs interfaces are updated to kernel versions incorporating the size_mul() overflow checks and the rearranged conditional logic in uverbs_request_next_ptr(). Additionally, organizations should audit and restrict access to RDMA interfaces, limiting user privileges to trusted personnel and processes. Employing kernel hardening techniques such as SELinux or AppArmor policies to constrain RDMA subsystem interactions can further reduce risk. Monitoring logs for unusual RDMA activity and implementing runtime integrity checks can help detect exploitation attempts. For 32-bit systems, which are more vulnerable to the sge_count multiplication overflow, consider migrating to 64-bit architectures or applying additional safeguards. Finally, organizations should maintain an up-to-date inventory of systems using RDMA and ensure that security policies reflect the need for strict control over these interfaces.