CVE-2024-35904

5.5 MEDIUM

📋 TL;DR

A NULL pointer dereference vulnerability in the Linux kernel's SELinux subsystem occurs when kern_mount() fails during SELinux filesystem mounting. This could cause kernel crashes or denial of service on systems with SELinux enabled. The vulnerability affects Linux systems running vulnerable kernel versions with SELinux configured.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific vulnerable kernel versions need to be checked against the git commits; generally affects versions before the fix commits listed in references.
Operating Systems: Linux distributions with SELinux support (RHEL, Fedora, CentOS, Ubuntu, Debian, etc.)
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when SELinux is enabled and configured. Systems with SELinux disabled are not affected.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel panic leading to system crash and denial of service, potentially requiring physical or remote console access to reboot.

🟠 Likely Case: System crash or kernel panic when SELinux filesystem mounting fails under specific conditions, requiring reboot to restore service.

🟢 If Mitigated: No impact if SELinux is disabled or if the system doesn't trigger the specific mount failure condition.

🌐 Internet-Facing: LOW - Requires local access or ability to trigger specific kernel operations; not directly exploitable over network.
🏢 Internal Only: MEDIUM - Local users or processes could potentially trigger the condition leading to denial of service on affected systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires triggering specific kernel mount failure conditions. No public exploits available as of the advisory date.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits: 37801a36b4d68892ce807264f784d818f8d0d39b, 477ed6789eb9f3f4d3568bb977f90c863c12724e, or 68784a5d01b8868ff85a7926676b6729715fff3c

Vendor Advisory: Check specific Linux distribution security advisories (RHEL, Ubuntu, Debian, etc.)

Restart Required: Yes

Instructions:

1. Check your Linux distribution's security advisory for this CVE.
2. Update the kernel package using your package manager (yum update kernel, apt upgrade linux-image, etc.).
3. Reboot the system to load the patched kernel.

🔧 Temporary Workarounds

Disable SELinux


Temporarily disable SELinux to avoid the vulnerability (not recommended for production security)

setenforce 0
echo 0 > /sys/fs/selinux/enforce

🧯 If You Can't Patch

  • Monitor system logs for SELinux mount failures and kernel panic events
  • Implement strict access controls to limit who can trigger kernel operations

🔍 How to Verify

Check if Vulnerable:

Check kernel version and compare with distribution's patched versions. Check if SELinux is enabled: sestatus

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version after update matches patched version from vendor advisory. Check that SELinux remains functional.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages in /var/log/messages or dmesg
  • SELinux mount failure errors
  • System crash/reboot events

Network Indicators:

  • None - local vulnerability only

SIEM Query:

Search for 'kernel panic' OR 'SELinux mount failed' OR 'NULL pointer dereference' in system logs
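
The SIEM query above as a runnable check over kernel log text. This is an added example, not part of the advisory or of any vendor tooling. The function names, the `window` parameter (how many lines after a mount failure a NULL dereference still counts as related) and the sample log lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: count the three log indicators listed on this page and flag
# the case where a NULL pointer dereference follows an SELinux mount failure.

# Reads log lines on stdin. Optional $1 = correlation window in lines (assumed default 20).
scan_selinux_indicators() {
    awk -v window="${1:-20}" '
    {
        line = tolower($0)                      # match case-insensitively
        if (index(line, "selinux mount failed")) { mnt++; last_mnt = NR }
        if (index(line, "null pointer dereference")) {
            nullp++
            # A dereference shortly after a mount failure fits this CVE.
            if (last_mnt && NR - last_mnt <= window) linked++
        }
        if (index(line, "kernel panic")) panic++
    }
    END {
        printf "kernel_panic=%d\n", panic
        printf "selinux_mount_failed=%d\n", mnt
        printf "null_deref=%d\n", nullp
        if (linked)                     print "verdict=correlated"
        else if (panic + mnt + nullp)   print "verdict=review"
        else                            print "verdict=clean"
    }'
}

# Constructed sample input, not captured from a real system.
sample_log() {
    cat <<'EOF'
[    1.204511] SELinux:  Initializing.
[    1.377902] example: SELinux mount failed (constructed line)
[    1.377950] BUG: kernel NULL pointer dereference, address: 0000000000000000
[    1.378410] Kernel panic - not syncing: Fatal exception
EOF
}

# Demo run on the sample; on a live host pipe in dmesg or journalctl -k instead.
sample_log | scan_selinux_indicators 20
```

A `verdict=review` result means an indicator appeared without the mount-failure correlation, so the crash may have an unrelated cause.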

🔗 References
