CVE-2024-27024
📋 TL;DR
This vulnerability in the Linux kernel's RDS (Reliable Datastream Sockets) subsystem occurs when get_mr() is called before a connection is established, causing a failure that triggers a connection attempt. This could allow local attackers to cause a kernel warning/panic, potentially leading to denial of service. Systems running vulnerable Linux kernel versions with RDS enabled are affected.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Local attacker triggers kernel panic leading to complete system crash and denial of service.
Likely Case
Local user causes kernel warning and temporary service disruption in RDS functionality.
If Mitigated
Minor performance impact or warning messages in kernel logs with no service disruption.
🎯 Exploit Status
Requires local access to trigger the condition. Exploitation appears straightforward for local users with appropriate permissions.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patched in stable kernel versions via commits referenced in CVE
Vendor Advisory: https://git.kernel.org/stable/c/2b505d05280739ce31d5708da840f42df827cb85
Restart Required: Yes
Instructions:
1. Update to a patched Linux kernel version from your distribution's repositories. 2. Reboot the system to load the new kernel. 3. Verify the kernel version after reboot.
🔧 Temporary Workarounds
Disable RDS module
linuxPrevent loading of the RDS kernel module if not needed
echo 'install rds /bin/false' >> /etc/modprobe.d/disable-rds.conf
rmmod rds 2>/dev/null || true
Blacklist RDS module
linuxBlacklist the RDS module to prevent automatic loading
echo 'blacklist rds' >> /etc/modprobe.d/blacklist-rds.conf
🧯 If You Can't Patch
- Disable RDS functionality if not required for your workload
- Implement strict access controls to limit local users who could trigger the vulnerability
🔍 How to Verify
Check if Vulnerable:
Check if RDS module is loaded: lsmod | grep rds. Check kernel version against patched versions.Check Version:
uname -rVerify Fix Applied:
Verify kernel version is updated to a version containing the fix commits. Check that RDS functionality works without warnings.📡 Detection & Monitoring
Log Indicators:
- Kernel warnings mentioning 'rds_conn_connect_if_down' or RDS-related panics in /var/log/kern.log or dmesg
Network Indicators:
- Unusual RDS connection attempts or failures
SIEM Query:
source="kernel" AND ("rds_conn_connect_if_down" OR "RDS" WARNING)🔗 References
- https://git.kernel.org/stable/c/2b505d05280739ce31d5708da840f42df827cb85
- https://git.kernel.org/stable/c/786854141057751bc08eb26f1b02e97c1631c8f4
- https://git.kernel.org/stable/c/907761307469adecb02461a14120e9a1812a5fb1
- https://git.kernel.org/stable/c/997efea2bf3a4adb96c306b9ad6a91442237bf5b
- https://git.kernel.org/stable/c/998fd719e6d6468b930ac0c44552ea9ff8b07b80
- https://git.kernel.org/stable/c/9dfc15a10dfd44f8ff7f27488651cb5be6af83c2
- https://git.kernel.org/stable/c/b562ebe21ed9adcf42242797dd6cb75beef12bf0
- https://git.kernel.org/stable/c/c055fc00c07be1f0df7375ab0036cebd1106ed38
- https://git.kernel.org/stable/c/2b505d05280739ce31d5708da840f42df827cb85
- https://git.kernel.org/stable/c/786854141057751bc08eb26f1b02e97c1631c8f4
- https://git.kernel.org/stable/c/907761307469adecb02461a14120e9a1812a5fb1
- https://git.kernel.org/stable/c/997efea2bf3a4adb96c306b9ad6a91442237bf5b
- https://git.kernel.org/stable/c/998fd719e6d6468b930ac0c44552ea9ff8b07b80
- https://git.kernel.org/stable/c/9dfc15a10dfd44f8ff7f27488651cb5be6af83c2
- https://git.kernel.org/stable/c/b562ebe21ed9adcf42242797dd6cb75beef12bf0
- https://git.kernel.org/stable/c/c055fc00c07be1f0df7375ab0036cebd1106ed38
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
