CVE-2024-35805

5.5 MEDIUM

📋 TL;DR

This CVE describes a denial-of-service vulnerability in the Linux kernel's device mapper snapshot subsystem. When destroying a snapshot with many exceptions, the system can lock up due to a missing cond_resched() call in the cleanup loop. This affects systems using Linux device mapper snapshots, particularly those with high-volume storage operations.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not explicitly stated in CVE, but references indicate multiple stable kernel versions
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems using device mapper snapshots. The vulnerability triggers when destroying snapshots with many exceptions.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete system lockup requiring hard reboot, potentially causing data corruption or loss in active storage operations.
🟠 Likely Case: Temporary system unresponsiveness when removing snapshots with large exception tables, requiring manual intervention.
🟢 If Mitigated: Minor performance impact during snapshot cleanup with proper patching.

🌐 Internet-Facing: LOW - This vulnerability requires local access to the system and specific device mapper operations.
🏢 Internal Only: MEDIUM - Internal systems using device mapper snapshots could experience service disruption if exploited by authorized users.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires local access and ability to create/destroy device mapper snapshots. The vulnerability is triggered during normal cleanup operations.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Multiple stable kernel versions with fixes referenced in git commits

Vendor Advisory: https://git.kernel.org/stable/c/116562e804ffc9dc600adab6326dde31d72262c7

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution vendor.
2. Reboot system to load new kernel.
3. Verify kernel version matches patched release.

🔧 Temporary Workarounds

Limit snapshot exception count

Avoid creating snapshots with extremely large exception tables

# Monitor snapshot exception counts
# dmstats create --alldevices
# Review snapshot usage patterns
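
One way to put a number on "many exceptions" before a snapshot is removed, as an added example that is not part of the original advisory: it reads `dmsetup status` output and gives a rough per-snapshot estimate of copied chunks. The function name, the threshold and the sample lines are assumptions made for this example, and one chunk size is assumed for all snapshots.

```sh
#!/bin/sh
# Added example: estimate snapshot exception counts from `dmsetup status`.

# Constructed sample of `dmsetup status --target snapshot` output.
# Fields: name: start length snapshot <allocated>/<total> <metadata> (sectors)
sample_status() {
    cat <<'EOF'
vg0-snap_db: 0 20971520 snapshot 1048592/2097152 4112
vg0-snap_home: 0 20971520 snapshot 16/2097152 16
vg0-snap_old: 0 4194304 snapshot Invalid
EOF
}

# large_snapshots CHUNK_SECTORS LIMIT   (hypothetical helper)
# Prints "name estimated_exceptions" for each snapshot above LIMIT.
# CHUNK_SECTORS is the snapshot chunk size in 512-byte sectors, i.e. the
# <chunksize> field of the snapshot line in `dmsetup table`.
large_snapshots() {
    awk -v chunk="$1" -v limit="$2" '
        # Skip "Invalid"/"Overflow" states, which carry no usage figures.
        $4 == "snapshot" && $5 ~ /^[0-9]+\/[0-9]+$/ {
            split($5, used, "/")
            n = int((used[1] - $6) / chunk)   # data sectors / chunk size
            if (n > limit) { sub(/:$/, "", $1); print $1, n }
        }'
}

# Live use: dmsetup status --target snapshot | large_snapshots 8 100000
sample_status | large_snapshots 8 100000
```

Snapshots reported here are the ones whose removal is worth scheduling for a maintenance window on an unpatched kernel.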

Avoid unnecessary snapshot destruction

Schedule snapshot cleanup during maintenance windows

# Use cron jobs for off-hours cleanup
# Implement snapshot lifecycle management

🧯 If You Can't Patch

  • Monitor system for lockup symptoms during snapshot operations
  • Implement strict access controls to limit who can create/destroy device mapper snapshots

🔍 How to Verify

Check if Vulnerable:

Check if system uses device mapper snapshots and has unpatched kernel: 'lsmod | grep dm_snapshot' and 'uname -r'

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated to patched release: 'uname -r' and check with distribution vendor for specific patched versions

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • System lockup events in syslog
  • Device mapper errors in dmesg

Network Indicators:

  • None - this is a local kernel vulnerability

SIEM Query:

source="kernel" AND ("lockup" OR "panic" OR "dm_snapshot")
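
A narrower form of the query above, as an added example that is not part of the original advisory: it reports a soft-lockup message only when a call-trace frame from the dm_snapshot module follows it, so the "Modules linked in" line of an unrelated lockup does not match. The log lines are constructed for illustration, and the function name and window size are assumptions.

```sh
#!/bin/sh
# Added example: correlate soft-lockup reports with dm_snapshot stack frames.

# Constructed kernel log excerpt (not captured from a real system).
sample_kernel_log() {
    cat <<'EOF'
[ 8123.456789] watchdog: BUG: soft lockup - CPU#3 stuck for 26s! [dmsetup:4121]
[ 8123.456801] Modules linked in: dm_snapshot dm_bufio ext4
[ 8123.456850] Call Trace:
[ 8123.456861]  dm_exception_table_exit+0x5c/0x90 [dm_snapshot]
[ 8123.456870]  snapshot_dtr+0x9a/0x150 [dm_snapshot]
[ 9001.000100] watchdog: BUG: soft lockup - CPU#1 stuck for 23s! [kworker/1:2:88]
[ 9001.000110] Modules linked in: dm_snapshot dm_bufio ext4
[ 9001.000120] Call Trace:
[ 9001.000130]  ext4_writepages+0x2f1/0xd10 [ext4]
EOF
}

# dm_snapshot_lockups [WINDOW]   (hypothetical helper)
# Prints each soft-lockup header that is followed, within WINDOW lines, by a
# stack frame tagged "[dm_snapshot]". Frames carry the module name in
# brackets; the "Modules linked in" list does not, so it is ignored.
dm_snapshot_lockups() {
    awk -v window="${1:-40}" '
        /BUG: soft lockup/ { header = $0; left = window; next }
        left > 0 {
            left--
            if (index($0, "[dm_snapshot]")) { print header; left = 0 }
        }'
}

# Live use: dmesg | dm_snapshot_lockups    (or: journalctl -k | ...)
sample_kernel_log | dm_snapshot_lockups 10
```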
