CVE-2024-35948 – A missing bounds check in the bcachefs filesyst... (How to Fix)

Q: What is the severity of CVE-2024-35948?

CVE-2024-35948 has a CVSS score of 8.4 (HIGH). A missing bounds check in the bcachefs filesystem superblock validation in the Linux kernel allows journal entries to overrun the clean section boundary. This could lead to memory corruption or system crashes. Systems using bcachefs filesystem with vulnerable kernel versions are affected.

📋 TL;DR

A missing bounds check in the bcachefs filesystem superblock validation in the Linux kernel allows journal entries to overrun the clean section boundary. This could lead to memory corruption or system crashes. Systems using bcachefs filesystem with vulnerable kernel versions are affected.

💻 Affected Systems

Products:

Linux kernel with bcachefs support

Versions: Kernel versions with vulnerable bcachefs implementation (specific versions depend on distribution backports)

Operating Systems: Linux distributions with bcachefs support

Default Config Vulnerable: ✅ No

Notes: Only vulnerable if bcachefs filesystem is in use. Most systems don't use bcachefs by default.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic, system crash, or potential arbitrary code execution leading to full system compromise.

🟠

Likely Case

System instability, crashes, or filesystem corruption when accessing bcachefs volumes.

🟢

If Mitigated

Minimal impact due to superblock checksums and backups providing recovery options.

🌐 Internet-Facing: LOW - Requires local filesystem access, not directly network exploitable.

🏢 Internal Only: MEDIUM - Local users or processes with bcachefs access could trigger the vulnerability.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access to trigger superblock validation with crafted journal entries.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel commit fcdbc1d7a4b638e5d5668de461f320386f3002aa and later

Vendor Advisory: https://git.kernel.org/stable/c/fcdbc1d7a4b638e5d5668de461f320386f3002aa

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution. 2. Check if bcachefs module is loaded. 3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable bcachefs module

linux

Prevent loading of vulnerable bcachefs kernel module

echo 'blacklist bcachefs' >> /etc/modprobe.d/blacklist-bcachefs.conf
rmmod bcachefs

🧯 If You Can't Patch

Avoid using bcachefs filesystem on vulnerable systems
Restrict local user access to systems with bcachefs volumes

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if bcachefs module is loaded: 'uname -r' and 'lsmod | grep bcachefs'

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is patched and bcachefs module version matches fixed commit

📡 Detection & Monitoring

Log Indicators:

Kernel panic messages
bcachefs error logs
system crash dumps

Network Indicators:

None - local vulnerability

SIEM Query:

search 'kernel panic' OR 'bcachefs' OR 'segmentation fault' in system logs

📊 Metadata

CVE ID: CVE-2024-35948

CVSS v3 Score: 8.4 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-400

Published: May 20, 2024

Last Updated: November 18, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-35948, you might also want to check these: