Login Sign Up

CVE-2024-41000

7.8 HIGH
Denial of Service

📋 TL;DR

This CVE describes a signed integer overflow vulnerability in the Linux kernel's block/ioctl.c file. The vulnerability occurs during overflow checking logic and could potentially lead to kernel memory corruption or crashes. It affects Linux systems running vulnerable kernel versions.

💻 Affected Systems

Products:
  • Linux Kernel
Versions: Specific versions between when signed integer overflow sanitizer was reintroduced (Commit 557f8c582a9ba8ab) and the fix commits
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires kernel compiled with UBSAN (Undefined Behavior Sanitizer) support and specific I/O operations to trigger.

📦 What is this software?

Debian Linux by Debian

View all CVEs affecting Debian Linux →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic, system crash, or potential privilege escalation leading to full system compromise if combined with other vulnerabilities.

🟠

Likely Case

System instability, kernel crashes, or denial of service conditions triggered by specific I/O operations.

🟢

If Mitigated

Minor performance impact from UBSAN sanitizer warnings in logs, but no security impact if proper kernel hardening is in place.

🌐 Internet-Facing: LOW - This requires local access or ability to trigger specific I/O operations, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Local users or processes could potentially trigger the vulnerability, leading to system instability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH - Requires specific conditions and local access to trigger the overflow check.

Discovered via syzkaller fuzzing; exploitation would require triggering the specific overflow check path in block/ioctl.c.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 3220c90f4dbdc6d20d0608b164d964434a810d66, 54160fb1db2de367485f21e30196c42f7ee0be4e, 58706e482bf45c4db48b0c53aba2468c97adda24, 61ec76ec930709b7bcd69029ef1fe90491f20cf9, ccb326b5f9e623eb7f130fbbf2505ec0e2dcaff9

Vendor Advisory: https://git.kernel.org/stable/c/

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits. 2. Reboot system to load new kernel. 3. Verify kernel version after reboot.

🔧 Temporary Workarounds

Disable UBSAN signed integer overflow checking

linux

Disable the UBSAN signed integer overflow sanitizer that triggers the warning

Rebuild kernel with CONFIG_UBSAN_SIGNED_OVERFLOW=n

🧯 If You Can't Patch

  • Restrict local user access to minimize potential trigger sources
  • Monitor system logs for UBSAN warnings related to block/ioctl.c

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if UBSAN warnings appear in dmesg related to block/ioctl.c:36

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits and no UBSAN warnings appear for block/ioctl.c

📡 Detection & Monitoring

Log Indicators:

  • UBSAN: signed-integer-overflow in ../block/ioctl.c:36:46
  • cgroup: Invalid name warnings

Network Indicators:

  • None - local vulnerability only

SIEM Query:

search 'UBSAN signed-integer-overflow block/ioctl.c' in kernel logs

📊 Metadata

CVE ID: CVE-2024-41000
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-190
Published: July 12, 2024
Last Updated: January 14, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-41000, you might also want to check these:

CVE-2025-64721 10.0

This vulnerability in Sandboxie allows sandboxed processes to exploit an integer overflow in the Sbi...

Same vulnerability type (CWE-190)
CVE-2025-52581 9.8

An integer overflow vulnerability in libbiosig's GDF file parsing allows arbitrary code execution wh...

Same vulnerability type (CWE-190)
CVE-2025-53518 9.8

An integer overflow vulnerability in libbiosig's ABF file parser allows arbitrary code execution whe...

Same vulnerability type (CWE-190)