CVE-2024-35821
📋 TL;DR
This Linux kernel vulnerability in the UBIFS filesystem allows concurrent readers to see stale data when reading from page cache. It affects systems using UBIFS on flash storage with unpatched Linux kernels. The race condition occurs during file write operations.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →
⚠️ Risk & Real-World Impact
Worst Case
Data corruption or information disclosure where sensitive data from previously freed pages could be exposed to unauthorized processes.
Likely Case
Application crashes or data inconsistencies when processes read outdated file content during concurrent operations.
If Mitigated
Minor performance impact with proper kernel isolation and filesystem permissions limiting exposure.
🎯 Exploit Status
Requires local access and timing precision to trigger the race condition. No known public exploits.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patched in stable kernel releases via the commits referenced in the CVE
Vendor Advisory: https://git.kernel.org/stable/c/142d87c958d9454c3cffa625fab56f3016e8f9f3
Restart Required: Yes
Instructions:
1. Update the Linux kernel to a patched version from your distribution's repositories.
2. Reboot the system to load the new kernel.
3. Verify the kernel version after the reboot.
🔧 Temporary Workarounds
Avoid UBIFS usage
Use alternative filesystems if UBIFS is not required for your use case
Restrict filesystem access
Limit which users and processes can access UBIFS-mounted directories
chmod 700 /mount/point
setfacl -m u:username:rx /mount/point
🧯 If You Can't Patch
- Implement strict access controls on UBIFS-mounted directories
- Monitor system logs for filesystem errors or application crashes related to UBIFS operations
🔍 How to Verify
Check if Vulnerable:
Check whether UBIFS is in use with 'mount | grep ubifs', then compare the running kernel version against the patched releases
Check Version:
uname -r
Verify Fix Applied:
Verify kernel version after update and ensure UBIFS is functioning normally
📡 Detection & Monitoring
Log Indicators:
- UBIFS error messages in dmesg or system logs
- Application crashes when reading/writing UBIFS files
Network Indicators:
- None - local filesystem vulnerability
SIEM Query:
source="kernel" AND "UBIFS" AND ("error" OR "warning")
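The verification steps above (UBIFS mount check plus kernel version comparison) and the log filter behind the SIEM query, as an added POSIX shell example that is not part of the advisory. It assumes GNU sort (for -V) and a placeholder PATCHED_MIN that you replace with the patched release for your kernel series; the sample mounts and log lines it is run against are constructed.

```shell
#!/bin/sh
# Added example, not from the advisory. PATCHED_MIN is an assumed placeholder:
# take the real value for your kernel series from the stable commits it cites.
PATCHED_MIN="${PATCHED_MIN:-0.0.0}"

# Print the mount points of every UBIFS filesystem listed in a mounts file
# (normally /proc/mounts). Exit 0 if at least one is found, 1 otherwise.
ubifs_mounts() {
    mounts_file=${1:-/proc/mounts}
    awk '$3 == "ubifs" { print $2; found = 1 } END { exit !found }' "$mounts_file"
}

# Return 0 when a "uname -r" style version is >= the minimum patched version.
# The "-21-amd64"/"+" local suffix is dropped; sort -V (GNU) orders 6.1.90 after 6.1.9.
kernel_at_least() {
    running=$(printf '%s' "$1" | sed 's/[-+].*//')
    minimum=$2
    lowest=$(printf '%s\n%s\n' "$running" "$minimum" | sort -V | head -n 1)
    [ "$lowest" = "$minimum" ]
}

# Count kernel log lines the advisory's SIEM query would flag: UBIFS messages
# that also carry "error" or "warning" (case-insensitive, either order).
ubifs_log_hits() {
    grep -Eic 'ubifs.*(error|warning)|(error|warning).*ubifs' "$1" || true
}

main() {
    if mounts=$(ubifs_mounts); then
        echo "UBIFS mounted at: $mounts"
        if kernel_at_least "$(uname -r)" "$PATCHED_MIN"; then
            echo "kernel $(uname -r) >= $PATCHED_MIN: fix assumed present"
        else
            echo "kernel $(uname -r) < $PATCHED_MIN: exposed, patch and reboot"
        fi
    else
        echo "no UBIFS mounts: not exposed"
    fi
}

# Only run the live check when asked, so the functions can be sourced and tested.
if [ "${RUN_CHECK:-0}" = 1 ]; then main; fi
```

Distribution kernels backport fixes without changing the upstream version string, so a Debian 6.1.0-NN kernel may be patched despite a low uname -r; the Debian LTS announcements in the references are the authoritative check there.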
🔗 References
- https://git.kernel.org/stable/c/142d87c958d9454c3cffa625fab56f3016e8f9f3
- https://git.kernel.org/stable/c/17772bbe9cfa972ea1ff827319f6e1340de76566
- https://git.kernel.org/stable/c/4aa554832b9dc9e66249df75b8f447d87853e12e
- https://git.kernel.org/stable/c/4b7c4fc60d6a46350fbe54f5dc937aeaa02e675e
- https://git.kernel.org/stable/c/723012cab779eee8228376754e22c6594229bf8f
- https://git.kernel.org/stable/c/778c6ad40256f1c03244fc06d7cdf71f6b5e7310
- https://git.kernel.org/stable/c/8f599ab6fabbca4c741107eade70722a98adfd9f
- https://git.kernel.org/stable/c/f19b1023a3758f40791ec166038d6411c8894ae3
- https://git.kernel.org/stable/c/fc99f4e2d2f1ce766c14e98463c2839194ae964f
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html