CVE-2024-35969
📋 TL;DR
A race condition in the Linux kernel's IPv6 implementation allows a use-after-free vulnerability when ipv6_get_ifaddr and ipv6_del_addr execute concurrently. This can lead to kernel memory corruption and potential system crashes. Systems running vulnerable Linux kernel versions with IPv6 enabled are affected.
💻 Affected Systems
- Linux Kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash, denial of service, or potential privilege escalation if combined with other vulnerabilities.
Likely Case
System instability, kernel crashes, or denial of service affecting network functionality.
If Mitigated
Minor performance impact or no noticeable effect if race condition doesn't trigger.
🎯 Exploit Status
Exploitation requires precise timing to trigger the race condition and may be difficult to reliably reproduce.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions with commit 01b11a0566670612bd464a932e5ac2eae53d8652 or later
Vendor Advisory: https://git.kernel.org/stable/c/01b11a0566670612bd464a932e5ac2eae53d8652
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version. 2. Check distribution-specific security advisories. 3. Reboot system after kernel update.
🔧 Temporary Workarounds
Disable IPv6
linuxTemporarily disable IPv6 to prevent the race condition from being triggered.
echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6
echo 1 > /proc/sys/net/ipv6/conf/default/disable_ipv6
🧯 If You Can't Patch
- Implement network segmentation to limit exposure
- Monitor systems for kernel crashes or instability
🔍 How to Verify
Check if Vulnerable:
Check kernel version and verify if it includes the vulnerable code before the fix commit.Check Version:
uname -rVerify Fix Applied:
Verify kernel version includes commit 01b11a0566670612bd464a932e5ac2eae53d8652 or check with distribution's security update status.📡 Detection & Monitoring
Log Indicators:
- Kernel panic logs
- refcount_t warnings in dmesg
- system crash reports
Network Indicators:
- Unexpected network interface failures
- IPv6 address assignment issues
SIEM Query:
source="kernel" AND ("refcount_t" OR "use-after-free" OR "ipv6_get_ifaddr")🔗 References
- https://git.kernel.org/stable/c/01b11a0566670612bd464a932e5ac2eae53d8652
- https://git.kernel.org/stable/c/3fb02ec57ead2891a2306af8c51a306bc5945e70
- https://git.kernel.org/stable/c/4b19e9507c275de0cfe61c24db69179dc52cf9fb
- https://git.kernel.org/stable/c/6cdb20c342cd0193d3e956e3d83981d0f438bb83
- https://git.kernel.org/stable/c/7633c4da919ad51164acbf1aa322cc1a3ead6129
- https://git.kernel.org/stable/c/b4b3b69a19016d4e7fbdbd1dbcc184915eb862e1
- https://git.kernel.org/stable/c/cca606e14264098cba65efa82790825dbf69e903
- https://git.kernel.org/stable/c/de76ae9ea1a6cf9e77fcec4f2df2904e26c23ceb
- https://git.kernel.org/stable/c/01b11a0566670612bd464a932e5ac2eae53d8652
- https://git.kernel.org/stable/c/3fb02ec57ead2891a2306af8c51a306bc5945e70
- https://git.kernel.org/stable/c/4b19e9507c275de0cfe61c24db69179dc52cf9fb
- https://git.kernel.org/stable/c/6cdb20c342cd0193d3e956e3d83981d0f438bb83
- https://git.kernel.org/stable/c/7633c4da919ad51164acbf1aa322cc1a3ead6129
- https://git.kernel.org/stable/c/b4b3b69a19016d4e7fbdbd1dbcc184915eb862e1
- https://git.kernel.org/stable/c/cca606e14264098cba65efa82790825dbf69e903
- https://git.kernel.org/stable/c/de76ae9ea1a6cf9e77fcec4f2df2904e26c23ceb
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
