Login Sign Up

CVE-2024-36947

5.5 MEDIUM
Denial of Service

📋 TL;DR

This CVE describes a dentry leak vulnerability in the Linux kernel's qibfs filesystem. It allows local attackers to cause a denial of service by exhausting kernel memory through improper reference counting. Systems running affected Linux kernel versions with qibfs enabled are vulnerable.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not explicitly stated in CVE, but patches exist for multiple stable branches
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable if qibfs (InfiniBand filesystem) is enabled/used. Many distributions don't enable this by default.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local attacker could exhaust kernel memory, causing system instability, crashes, or denial of service affecting all users and services on the system.

🟠

Likely Case

Local user could cause gradual memory exhaustion leading to performance degradation or system instability over time.

🟢

If Mitigated

With proper access controls limiting local user privileges, impact is minimal as only authenticated local users can trigger the vulnerability.

🌐 Internet-Facing: LOW - This is a local privilege vulnerability requiring local access to the system.
🏢 Internal Only: MEDIUM - Internal users with local access could exploit this to cause denial of service on affected systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and knowledge of qibfs operations. No public exploits known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Multiple stable kernel versions with fixes available (see references)

Vendor Advisory: https://git.kernel.org/stable/c/02ee394a5d899d9bd2f0759382e9481cab6166f8

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution's repositories. 2. Reboot system to load new kernel. 3. Verify kernel version after reboot.

🔧 Temporary Workarounds

Disable qibfs module

linux

Prevent loading of the vulnerable qibfs kernel module

echo 'blacklist qibfs' >> /etc/modprobe.d/blacklist.conf
rmmod qibfs

🧯 If You Can't Patch

  • Restrict local user access to systems with qibfs enabled
  • Monitor system memory usage and kernel logs for signs of memory exhaustion

🔍 How to Verify

Check if Vulnerable:

Check if qibfs module is loaded: lsmod | grep qibfs

Check Version:

uname -r

Verify Fix Applied:

Check kernel version after update matches patched version and qibfs module functions normally

📡 Detection & Monitoring

Log Indicators:

  • Kernel oops messages
  • Memory allocation failures in dmesg
  • System instability logs

Network Indicators:

  • None - local vulnerability only

SIEM Query:

Search for kernel panic logs or memory exhaustion alerts related to qibfs operations

📊 Metadata

CVE ID: CVE-2024-36947
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-401
Published: May 30, 2024
Last Updated: September 17, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-36947, you might also want to check these:

CVE-2021-40633 8.8

CVE-2021-40633 is a memory leak vulnerability in gif2rgb, a utility in giflib 5.1.4, allowing remote...

Same vulnerability type (CWE-401)
CVE-2021-3492 8.8

CVE-2021-3492 is a kernel vulnerability in Ubuntu's Shiftfs filesystem where improper error handling...

Same vulnerability type (CWE-401)
CVE-2024-25450 8.8

CVE-2024-25450 is a memory allocation vulnerability in imlib2 v1.9.1's init_imlib_fonts() function t...

Same vulnerability type (CWE-401)