CVE-2024-41087

7.8 HIGH

📋 TL;DR

This CVE describes a double-free vulnerability in the Linux kernel's libata-core subsystem that occurs during error handling in ata_host_alloc(). When certain allocation failures happen, the code path triggers kfree() twice on the same memory address, causing kernel memory corruption. This affects Linux systems using the libata subsystem for ATA/SATA device support.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific versions between initial introduction of bug and fix commit 010de9acbea58fbcbda08e3793d6262086a493fe
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires libata subsystem to be loaded and used (common for systems with SATA/ATA storage). The vulnerability triggers during error conditions in ata_host_alloc().

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel panic leading to a system crash and potential denial of service; in rare cases the memory corruption could be leveraged for privilege escalation if combined with other vulnerabilities.

🟠 Likely Case: System crash or kernel panic when the specific error condition is triggered during ATA device initialization, resulting in denial of service.

🟢 If Mitigated: System remains stable as the double-free condition is avoided through proper error handling.

🌐 Internet-Facing: LOW - This vulnerability requires local access or ability to trigger specific kernel error conditions, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Local users or processes could potentially trigger the vulnerability through ATA device operations, causing system instability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH - Requires triggering specific error conditions in kernel memory allocation paths

Exploitation requires local access and ability to trigger the specific error condition in ata_host_alloc(). No public exploit code is known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commit 010de9acbea58fbcbda08e3793d6262086a493fe

Vendor Advisory: https://git.kernel.org/stable/c/010de9acbea58fbcbda08e3793d6262086a493fe

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commit.
2. For distributions: Use package manager to update kernel package.
3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable vulnerable subsystem

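Prevent the libata module from loading so the vulnerable code path is never reached. This also removes ATA/SATA device support, so it is only usable on systems that do not depend on ATA/SATA storage, and it has no effect when libata is built into the kernel rather than loaded as a module.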

echo 'blacklist libata' >> /etc/modprobe.d/blacklist.conf
update-initramfs -u
reboot

🧯 If You Can't Patch

  • Restrict local user access to systems to reduce attack surface
  • Monitor system logs for kernel panic or Oops messages related to libata or ata_host_alloc

🔍 How to Verify

Check if Vulnerable:

Check the kernel version and whether it contains the vulnerable code. The system is vulnerable if its kernel falls between the introduction of the bug and fix commit 010de9acbea58fbcbda08e3793d6262086a493fe.

Check Version:

uname -r

Verify Fix Applied:

Verify that the running kernel includes commit 010de9acbea58fbcbda08e3793d6262086a493fe or is a later stable kernel release.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • Oops: invalid opcode errors
  • BUG: double free or corruption in kernel logs
  • ata_host_alloc failure messages

Network Indicators:

  • None - this is a local kernel vulnerability

SIEM Query:

source="kernel" AND ("double free" OR "invalid opcode" OR "ata_host_alloc" OR "libata")
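
The flat OR query above also matches routine libata boot messages and unrelated invalid-opcode crashes. As an added example (not part of the original advisory), the Python triage below alerts only when a crash signature from the Log Indicators list appears within a few seconds of libata context; the sample log lines, function names and 5-second window are constructed assumptions.

```python
import re

# Constructed dmesg-style lines for illustration (not captured from a real system).
SAMPLE = [
    "[   12.100000] libata version 3.00 loaded.",
    "[   12.400000] ahci 0000:00:1f.2: sample message, host setup failed",
    "[   12.400100] invalid opcode: 0000 [#1] SMP",
    "[   12.400200]  ata_host_alloc+0x1a2/0x1f0 [libata]",
    "[  950.000000] invalid opcode: 0000 [#2] SMP",
    "[  950.000100]  unrelated_driver_fn+0x10/0x20",
]

# Terms of the page's SIEM query, joined with OR.
TERMS = re.compile(r"double free|invalid opcode|ata_host_alloc|libata", re.I)
# Crash signatures from the page's Log Indicators list.
CRASH = re.compile(r"double free|invalid opcode|kernel panic", re.I)
# Context that ties a crash to the libata code path.
ATA_CTX = re.compile(r"ata_host_alloc|libata", re.I)
# Leading kernel timestamp, e.g. "[   12.400100]".
STAMP = re.compile(r"^\[\s*(\d+\.\d+)\]")


def flat_query(lines):
    """Equivalent of the page's OR query: any single term matches."""
    return [l for l in lines if TERMS.search(l)]


def correlated(lines, window=5.0):
    """Return crash lines that have libata context within `window` seconds."""
    stamped = []
    for l in lines:
        m = STAMP.match(l)
        if m:  # lines without a kernel timestamp cannot be correlated
            stamped.append((float(m.group(1)), l))
    ctx = [t for t, l in stamped if ATA_CTX.search(l)]
    return [l for t, l in stamped
            if CRASH.search(l) and any(abs(t - c) <= window for c in ctx)]


if __name__ == "__main__":
    print(len(flat_query(SAMPLE)), "lines match the flat query")
    for hit in correlated(SAMPLE):
        print("ALERT:", hit)
```

On the sample, the flat query returns four lines, including the benign module-load message, while the correlated check returns only the crash that occurs next to the ata_host_alloc frame.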
