CVE-2024-35793
📋 TL;DR
A race condition vulnerability in the Linux kernel's debugfs subsystem can cause deadlocks when debugfs files are being accessed concurrently with debugfs removal operations. This affects Linux systems where debugfs is mounted and being used, potentially leading to denial of service conditions. The vulnerability requires local access to the system.
💻 Affected Systems
- Linux Kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →
⚠️ Risk & Real-World Impact
Worst Case
Complete system deadlock requiring hard reboot, causing extended downtime and potential data loss.
Likely Case
Local denial of service affecting specific processes or services using debugfs, potentially causing service interruptions.
If Mitigated
Minimal impact if debugfs is not mounted or not actively used by critical services.
🎯 Exploit Status
Exploitation requires local access and timing conditions to trigger the race condition. No public exploit code identified at this time.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patches available in stable kernel trees via provided git commits
Vendor Advisory: https://git.kernel.org/stable/c/3d08cca5fd0aabb62b7015067ab40913b33da906
Restart Required: Yes
Instructions:
1. Identify the current kernel version.
2. Apply the appropriate kernel patch from the stable tree.
3. Rebuild the kernel if using a custom kernel.
4. Reboot the system to load the patched kernel.
🔧 Temporary Workarounds
Unmount debugfs
Linux: Prevent exploitation by unmounting debugfs if it is not required for system operation
umount /sys/kernel/debug
Disable debugfs at boot
Linux: Prevent debugfs from being mounted at system startup
Add 'debugfs=off' to kernel boot parameters in GRUB configuration
🧯 If You Can't Patch
- Unmount debugfs filesystem if not required for operations
- Restrict access to debugfs to trusted users only using filesystem permissions
🔍 How to Verify
Check if Vulnerable:
Check if debugfs is mounted: 'mount | grep debugfs'. If it is mounted, compare the running kernel version against the patched versions.
Check Version:
uname -r
Verify Fix Applied:
Confirm the running kernel includes the fix commits: compare 'uname -r' with the kernel versions your distribution lists as patched, or check the kernel source's git history for the referenced commits.
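The verification and workaround checks above, as an added example that is not part of the advisory: a POSIX shell script that reports whether debugfs is mounted (parsing a file in /proc/mounts format), whether its mountpoint directory is reachable by non-root users (the filesystem-permissions advice under "If You Can't Patch"), whether the kernel command line carries the debugfs=off workaround, and whether a uname -r string is at or above a fixed version that you supply. The advisory lists only fix commits, not version numbers, so the version threshold is a placeholder you take from your distribution's advisory; the file name debugfs_check.sh is assumed.

```shell
#!/bin/sh
# Added verification helper; not part of the advisory. Checks what the
# "How to Verify" and workaround sections ask about: is debugfs mounted, is its
# mountpoint restricted to root, does the boot command line disable it, and is
# the running kernel at or past the version your distribution names as fixed.

# Print "mounted <mountpoint> <options>" for each debugfs entry in a /proc/mounts
# style file ($1, default /proc/mounts), or "not-mounted" if there is none.
debugfs_mount_state() {
    mounts_file="${1:-/proc/mounts}"
    # /proc/mounts fields: device mountpoint fstype options dump pass
    awk '$3 == "debugfs" { print "mounted", $2, $4; found = 1 }
         END { if (!found) print "not-mounted" }' "$mounts_file"
}

# Print "restricted" if only the owner has permission bits on the debugfs
# mountpoint directory ($1, default /sys/kernel/debug), "open" otherwise, or
# "absent" if the directory does not exist. The kernel mounts debugfs 0700 by
# default; an "open" result means someone widened it (e.g. a mode= option).
debugfs_dir_access() {
    dir="${1:-/sys/kernel/debug}"
    [ -d "$dir" ] || { echo "absent"; return 0; }
    # first ten characters of ls -ld are the type and rwx bits, e.g. drwx------
    perm=$(ls -ld "$dir" | cut -c1-10)
    case "$perm" in
        ????------) echo "restricted" ;;
        *)          echo "open" ;;
    esac
}

# Return 0 if the kernel command line in $1 (/proc/cmdline format) turns debugfs
# off at boot. debugfs=off is the advisory's workaround; debugfs=no-mount keeps
# it usable by in-kernel clients but refuses userspace mounts.
cmdline_disables_debugfs() {
    tr ' ' '\n' < "$1" | grep -Eqx 'debugfs=(off|no-mount)'
}

# Return 0 if kernel version $1 (as printed by uname -r) is at or above $2.
# Only the leading dotted numeric part is compared; suffixes such as
# "-45-generic" are ignored. $2 is the fixed version from your distro advisory.
kernel_at_least() {
    have=$(printf '%s' "$1" | sed 's/[^0-9.].*//')
    need=$(printf '%s' "$2" | sed 's/[^0-9.].*//')
    awk -v a="$have" -v b="$need" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            ai = (i <= na) ? x[i] + 0 : 0
            bi = (i <= nb) ? y[i] + 0 : 0
            if (ai > bi) exit 0
            if (ai < bi) exit 1
        }
        exit 0
    }'
}

# Report on the live system when run directly (these files exist only on Linux).
if [ -r /proc/mounts ] && [ -r /proc/cmdline ]; then
    printf 'debugfs: %s\n' "$(debugfs_mount_state /proc/mounts)"
    printf 'mountpoint access: %s\n' "$(debugfs_dir_access)"
    cmdline_disables_debugfs /proc/cmdline && echo 'boot parameter disables debugfs'
    printf 'running kernel: %s\n' "$(uname -r)"
fi
```

Run it as `sh debugfs_check.sh` to get the mount, permission and boot-parameter state; then call `kernel_at_least "$(uname -r)" "<fixed-version>"` with the version your distribution's advisory names, since the page itself gives commit ids rather than version numbers. A "mounted" result together with an "open" mountpoint is the state the workarounds are meant to remove.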
📡 Detection & Monitoring
Log Indicators:
- Kernel panic logs
- Process hang/stall messages in system logs
- Debugfs access errors
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("deadlock" OR "hang" OR "debugfs")
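A way to turn the log indicators and SIEM query above into a local triage check, added here as an example and not taken from the advisory: it counts kernel log lines matching the advisory's SIEM terms and, more usefully, walks the kernel hung-task detector output ("INFO: task ... blocked for more than N seconds" followed by a call trace) to report only tasks whose stack mentions debugfs. The sample log is constructed for this example; its lines are shaped like dmesg output but are not a trace from this CVE, and the pids and offsets are invented.

```shell
#!/bin/sh
# Added detection helper; not the advisory's own tooling. Input is kernel log
# text as produced by "dmesg" or "journalctl -k".

# Write a constructed sample of hung-task detector output to $1. Shaped like
# real dmesg lines but invented for this example; pids and offsets are made up.
write_sample_log() {
    cat > "$1" <<'EOF'
[  240.112233] INFO: task cat:1842 blocked for more than 120 seconds.
[  240.112240]       Not tainted 6.8.0-example #1
[  240.112245] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  240.112250] task:cat             state:D stack:0     pid:1842  ppid:1790   flags:0x00004002
[  240.112260] Call Trace:
[  240.112265]  __schedule+0x3e5/0x1500
[  240.112270]  schedule+0x5a/0xd0
[  240.112275]  debugfs_file_get+0x10a/0x1c0
[  240.112280]  full_proxy_open+0x7a/0x2a0
[  360.201010] INFO: task sleep:1900 blocked for more than 120 seconds.
[  360.201020] Call Trace:
[  360.201025]  nfs_wait_bit_killable+0x1a/0x50
EOF
}

# Count log lines in $1 that match the advisory's SIEM terms plus the hung-task
# detector message. "hang" is deliberately broad (it also hits "change"), so
# treat this as a triage count, not an alert on its own.
scan_kernel_log() {
    grep -Eic 'deadlock|hang|debugfs|blocked for more than [0-9]+ seconds' "$1"
}

# Print "name:pid" for each hung task in $1 whose call trace contains a debugfs
# frame; return 0 if at least one was found, 1 otherwise. A task blocked in
# NFS or disk I/O also trips the hung-task detector, so the trace is what
# separates a debugfs stall from unrelated hangs.
hung_tasks_in_debugfs() {
    awk '
        /INFO: task [^ ]+ blocked for more than/ {
            # flush the previous task before starting a new one
            if (task != "" && hit) { print task; any = 1 }
            match($0, /task [^ ]+ blocked/)
            # drop the leading "task " (5 chars) and trailing " blocked" (8 chars)
            task = substr($0, RSTART + 5, RLENGTH - 13)
            hit = 0
            next
        }
        task != "" && /debugfs/ { hit = 1 }
        END {
            if (task != "" && hit) { print task; any = 1 }
            exit any ? 0 : 1
        }' "$1"
}

# Stand-alone demonstration on the constructed sample.
sample=$(mktemp)
write_sample_log "$sample"
printf 'lines matching SIEM terms: %s\n' "$(scan_kernel_log "$sample")"
printf 'hung tasks with debugfs in their stack:\n'
hung_tasks_in_debugfs "$sample" || echo '(none)'
rm -f "$sample"
```

On a live host, replace the sample with `dmesg > /tmp/kern.log` or `journalctl -k > /tmp/kern.log` and call `hung_tasks_in_debugfs /tmp/kern.log`; a non-empty result on a kernel that predates the fix is the condition to escalate, while the plain term count mostly tells you how noisy the SIEM query will be.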
🔗 References
- https://git.kernel.org/stable/c/3d08cca5fd0aabb62b7015067ab40913b33da906
- https://git.kernel.org/stable/c/952c3fce297f12c7ff59380adb66b564e2bc9b64
- https://git.kernel.org/stable/c/e88b5ae01901c4a655a53158397746334778a57b