CVE-2024-42251

5.5 MEDIUM

📋 TL;DR

This CVE describes a bug in the Linux kernel's memory management subsystem where the folio_try_get_rcu() function can cause a kernel panic (BUG) on non-SMP systems. The bug occurs during page reference counting operations and can be triggered by user-space processes that access memory through certain system calls. Systems running affected Linux kernel versions are vulnerable to denial of service.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific versions between the introduction of folio_try_get_rcu() and its removal; exact range depends on distribution backports but includes mainline kernels around 6.7.0-rc4
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Specifically affects non-SMP (single processor) kernel configurations; SMP systems may not trigger the bug. The vulnerability is in core memory management code.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case

Kernel panic leading to system crash and denial of service, potentially causing data loss or service disruption.

🟠 Likely Case

System crash or kernel panic when specific memory operations are performed, resulting in denial of service.

🟢 If Mitigated

No impact if patched; unpatched systems remain vulnerable to crashes from specific memory access patterns.

🌐 Internet-Facing: LOW - Requires local access or ability to execute code on the system; not directly exploitable over network.
🏢 Internal Only: MEDIUM - Local users or processes can trigger the bug causing system instability, but requires specific conditions.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM - Requires understanding of kernel memory operations and ability to trigger specific code paths

The bug was discovered during testing (trinity-c3 stress testing) and appears to be a race condition in reference counting. No known active exploitation in the wild.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patched in mainline kernel commits: 16380f52b72166d6a33b508cc2509716f436253f, e7db2762ea3e69f215b3ec4db666006deccc37b4, fa2690af573dfefb47ba6eef888797a64b6b5f3c

Vendor Advisory: https://git.kernel.org/stable/c/16380f52b72166d6a33b508cc2509716f436253f

Restart Required: Yes

Instructions:

1. Update to a kernel version containing the fix commits.
2. Check your distribution's security advisories for backported patches.
3. Reboot the system after kernel update.

🔧 Temporary Workarounds

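Disable process_vm_readv/process_vm_writev

Restrict access to the system calls that can trigger the vulnerable code path. Yama's ptrace_scope setting governs the ptrace-attach permission check that process_vm_readv and process_vm_writev perform on their target process. The two commands below are alternatives; run one of them as root:

# Option A: no process may attach at all; cannot be changed again until reboot
sysctl -w kernel.yama.ptrace_scope=3
# Option B: a process may only attach to its own descendants
echo 1 > /proc/sys/kernel/yama/ptrace_scope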

🧯 If You Can't Patch

  • Restrict user access to minimize potential triggers - use principle of least privilege
  • Monitor system logs for kernel panic/BUG messages and investigate any occurrences

🔍 How to Verify

Check if Vulnerable:

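Check the kernel version and whether folio_try_get_rcu() exists in the kernel symbols:

grep folio_try_get_rcu /proc/kallsyms

An empty result is not conclusive on its own, since helpers that the compiler inlines do not appear in /proc/kallsyms; confirm against the fix commits listed above.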

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is patched and folio_try_get_rcu() is no longer present in kernel symbols

📡 Detection & Monitoring

Log Indicators:

  • Kernel BUG messages in dmesg or system logs
  • Invalid opcode errors
  • Kernel panic stack traces mentioning try_get_folio or folio_try_get_rcu

Network Indicators:

  • None - this is a local kernel vulnerability

SIEM Query:

source="kernel" AND ("kernel BUG" OR "invalid opcode" OR "folio_try_get_rcu")
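
The log indicators above can also be checked on a host without a SIEM. The script below is an added example, not part of the advisory or the kernel project: it groups BUG and invalid-opcode lines into events and separates those whose trace names try_get_folio or folio_try_get_rcu from generic crashes. The function names, the 30-line window and the sample log lines are assumptions constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the advisory): triage kernel log text for the
# indicators listed above. An event opens at a "kernel BUG at" or
# "invalid opcode" line. It is "strong" if try_get_folio or
# folio_try_get_rcu is named within WINDOW lines, otherwise "generic".

# classify_klog [WINDOW]: reads log text on stdin and prints
# "strong=<n> generic=<n>". WINDOW defaults to 30 lines (an assumption
# about how long an oops trace is in the log).
classify_klog() {
  awk -v window="${1:-30}" '
    function finish_event() {
      if (in_evt && named) strong++
      else if (in_evt) generic++
      in_evt = 0; named = 0
    }
    /kernel BUG at|invalid opcode/ {
      # Markers inside the window belong to the oops already open.
      if (!in_evt || NR - start > window) { finish_event(); in_evt = 1; start = NR }
    }
    in_evt && NR - start <= window && /try_get_folio|folio_try_get_rcu/ { named = 1 }
    END { finish_event(); printf "strong=%d generic=%d\n", strong, generic }
  '
}

# Constructed sample log: one oops naming try_get_folio, then an unrelated one.
sample_log() {
  cat <<'EOF'
Jan 01 00:00:01 host kernel: kernel BUG at include/linux/example.h:1!
Jan 01 00:00:01 host kernel: invalid opcode: 0000 [#1] PREEMPT
Jan 01 00:00:01 host kernel: CPU: 0 PID: 100 Comm: trinity-c3
Jan 01 00:00:01 host kernel: RIP: 0010:try_get_folio+0x10/0x20
Jan 01 00:05:00 host kernel: usb 1-1: new high-speed USB device
Jan 01 00:05:01 host kernel: usb 1-1: device configured
Jan 01 00:09:00 host kernel: invalid opcode: 0000 [#2] PREEMPT
Jan 01 00:09:00 host kernel: RIP: 0010:example_driver_fn+0x1/0x2
EOF
}

# Live use (needs permission to read the kernel log):
#   journalctl -k --no-pager | classify_klog
sample_log | classify_klog 3
```

A non-zero strong count is the signal worth escalating against this CVE; generic events still indicate a kernel fault but need their own triage.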
