CVE-2024-26987

5.5 MEDIUM

📋 TL;DR

A deadlock vulnerability exists in the Linux kernel's memory failure handling when hugetlb_optimize_vmemmap is enabled. It can cause system hangs or crashes when attempting to offline poisoned huge pages. It affects Linux systems with hugetlb pages and the vmemmap optimization feature enabled.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Kernel versions with hugetlb vmemmap optimization support up to the fix (specific versions in git commits provided)
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when hugetlb_optimize_vmemmap is enabled (CONFIG_HUGETLB_PAGE_OPTIMIZE_VMEMMAP=y) and hugetlb pages are in use.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴

Worst Case

System deadlock leading to complete unresponsiveness, requiring hard reboot and potential data loss or corruption.

🟠

Likely Case

System hang or crash when memory failure handling is triggered on hugetlb pages, disrupting services and requiring reboot.

🟢

If Mitigated

No impact if hugetlb_optimize_vmemmap is disabled or if memory failure events don't occur on hugetlb pages.

🌐 Internet-Facing: LOW - Requires local access or ability to trigger memory failures on hugetlb pages.
🏢 Internal Only: MEDIUM - Local users or processes could potentially trigger the deadlock, causing system instability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires ability to trigger memory failure handling on hugetlb pages, which typically requires privileged access or specific hardware conditions.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 1983184c22dd84a4d95a71e5c6775c2638557dc7, 49955b24002dc16a0ae2e83a57a2a6c863a1845c, 5ef7ba2799a3b5ed292b8f6407376e2c25ef002e, 882e1180c83f5b75bae03d0ccc31ccedfe5159de

Vendor Advisory: https://git.kernel.org/stable/c/1983184c22dd84a4d95a71e5c6775c2638557dc7

Restart Required: Yes

Instructions:

1. Update to a kernel version containing the fix commits.
2. Check your distribution's security advisories for backported patches.
3. Reboot the system after kernel update.

🔧 Temporary Workarounds

Disable hugetlb vmemmap optimization

linux

Turn off the hugetlb_optimize_vmemmap feature to prevent the deadlock condition

echo 0 > /proc/sys/vm/hugetlb_optimize_vmemmap

Avoid using hugetlb pages

linux

Disable hugetlb page usage if not required

echo 0 > /proc/sys/vm/nr_hugepages

🧯 If You Can't Patch

  • Disable hugetlb_optimize_vmemmap feature via sysfs
  • Monitor for memory failure events and system hangs, have reboot procedures ready

🔍 How to Verify

Check if Vulnerable:

Check if hugetlb_optimize_vmemmap is enabled (a value of 1 means enabled): cat /proc/sys/vm/hugetlb_optimize_vmemmap

Check Version:

uname -r

Verify Fix Applied:

Check kernel version includes fix commits: uname -r and verify with distribution patch notes
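
The check above only reads the feature switch; the Notes field also requires hugetlb pages to be in use. The following added example (not part of the original advisory) combines both by reading the `vm.hugetlb_optimize_vmemmap` sysctl and summing `nr_hugepages` across every huge page size. The function name, its optional root argument and the `HVO_ROOT` variable are assumptions made for this example.

```shell
#!/bin/sh
# Added example: report whether the precondition for CVE-2024-26987
# (HVO enabled and hugetlb pages allocated) holds on a host.
# $1 is a hypothetical root prefix so the check can run against a
# copied /proc and /sys tree; empty means the live system.
hvo_exposure() {
    root="${1:-}"
    knob="$root/proc/sys/vm/hugetlb_optimize_vmemmap"

    # The sysctl is missing when the kernel does not expose the knob.
    if [ ! -r "$knob" ]; then
        echo "knob-absent"
        return 0
    fi
    hvo=$(cat "$knob")

    # Sum the persistent pool of every supported huge page size.
    total=0
    for f in "$root"/sys/kernel/mm/hugepages/hugepages-*/nr_hugepages; do
        [ -r "$f" ] || continue
        n=$(cat "$f")
        total=$((total + ${n:-0}))
    done

    if [ "$hvo" = "1" ]; then
        echo "enabled pages=$total"
    else
        # Pages allocated while the knob was 1 stay optimized, so a
        # non-zero count here still deserves a closer look.
        echo "disabled pages=$total"
    fi
}

# Run against the live system unless HVO_ROOT points at a copied tree.
hvo_exposure "${HVO_ROOT:-}"
```

A result of `enabled pages=N` with N greater than zero matches the vulnerable configuration described in the Notes field.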

📡 Detection & Monitoring

Log Indicators:

  • Kernel logs showing deadlock warnings, circular locking dependency detected messages
  • System hangs or unresponsiveness when memory operations occur

Network Indicators:

  • None - this is a local kernel issue

SIEM Query:

kernel: "possible circular locking dependency detected" AND ("hugetlb_optimize_vmemmap" OR "memory_failure")
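
The kernel prints a lockdep report across many log lines, so the terms in the query above usually land in separate log records and have to be correlated. The following added example (not part of the original advisory) counts lockdep reports in a saved kernel log whose following lines mention `memory_failure` or `hugetlb`. The function name, the 60-line window and the sample log are assumptions constructed for this example.

```shell
#!/bin/sh
# Added example: count lockdep reports that involve the memory-failure
# or hugetlb path in a saved kernel log (for instance dmesg output).
lockdep_mf_hits() {
    # $1 = log file, $2 = lines to inspect after each report header
    awk -v win="${2:-60}" '
        /possible circular locking dependency detected/ {
            left = win; hit = 0; next      # new report: restart the window
        }
        left > 0 {
            left--
            if (!hit && /memory_failure|hugetlb/) { hit = 1; count++ }
        }
        END { print count + 0 }
    ' "$1"
}

# Constructed sample log (not captured from a real system): two lockdep
# reports, only the first of which touches the memory-failure path.
sample_log() {
    cat <<'EOF'
[  100.000001] WARNING: possible circular locking dependency detected
[  100.000002] bash/1234 is trying to acquire lock:
[  100.000003]  (lock_a), at: example_func+0x10/0x20
[  100.000004] stack backtrace:
[  100.000005]  memory_failure+0x100/0x200
[  200.000001] WARNING: possible circular locking dependency detected
[  200.000002] kworker/0:1 is trying to acquire lock:
[  200.000003]  (lock_b), at: other_func+0x10/0x20
[  200.000004] stack backtrace:
[  200.000005]  other_driver_work+0x40/0x80
EOF
}

tmp=$(mktemp)
sample_log > "$tmp"
echo "matching lockdep reports: $(lockdep_mf_hits "$tmp")"
rm -f "$tmp"
```

Lockdep reports are only produced by kernels built with lock debugging (CONFIG_PROVE_LOCKING), so a count of zero on a production kernel does not show that the deadlock cannot occur.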
