CVE-2024-42307

5.5 MEDIUM

📋 TL;DR

This CVE describes a null pointer dereference vulnerability in the Linux kernel's CIFS/SMB client implementation. During error handling in the init_cifs() function, the code could attempt to destroy a workqueue that was never properly initialized, potentially causing a kernel panic. This affects systems using the CIFS filesystem client in vulnerable Linux kernel versions.
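An added illustration, not kernel source and not taken from the advisory: a userspace C model of one way this class of bug arises, assuming a goto-based unwind ladder whose labels are out of creation order. The queue variables and the functions `wq_alloc`, `wq_destroy`, `init_buggy` and `init_fixed` are hypothetical, and the model counts a destroy of a never-created queue instead of crashing.

```c
/* Added example: userspace model of a goto-based init/unwind ladder (hypothetical names). */
#include <stdio.h>
#include <stdlib.h>

struct wq { int unused; };
static int null_destroys;  /* destroys attempted on a queue that was never created */

static struct wq *wq_alloc(int step, int fail_at)
{
    return step == fail_at ? NULL : calloc(1, sizeof(struct wq));
}

/* Stand-in for the destroy call: counts a NULL argument instead of crashing. */
static void wq_destroy(struct wq *w) { null_destroys += !w; free(w); }

/* Labels out of creation order: failing to create c unwinds through c's destroy. */
int init_buggy(int fail_at)
{
    struct wq *a = NULL, *b = NULL, *c = NULL;
    null_destroys = 0;
    if (!(a = wq_alloc(1, fail_at))) goto out;
    if (!(b = wq_alloc(2, fail_at))) goto out_destroy_a;
    if (!(c = wq_alloc(3, fail_at))) goto out_destroy_b;
    if (fail_at == 4) goto out_destroy_c;  /* later step fails; b also leaks here */
out_destroy_b: wq_destroy(b);              /* success falls through: model frees all */
out_destroy_c: wq_destroy(c);
out_destroy_a: wq_destroy(a);
out: return null_destroys;
}

/* Labels in reverse creation order: each failure frees only what already exists. */
int init_fixed(int fail_at)
{
    struct wq *a = NULL, *b = NULL, *c = NULL;
    null_destroys = 0;
    if (!(a = wq_alloc(1, fail_at))) goto out;
    if (!(b = wq_alloc(2, fail_at))) goto out_destroy_a;
    if (!(c = wq_alloc(3, fail_at))) goto out_destroy_b;
    wq_destroy(c);                         /* success or later failure: newest first */
out_destroy_b: wq_destroy(b);
out_destroy_a: wq_destroy(a);
out: return null_destroys;
}

int main(void)
{
    printf("buggy=%d fixed=%d\n", init_buggy(3), init_fixed(3));
    return 0;
}
```
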

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific vulnerable kernel versions with the bug introduced between certain commits; check kernel changelogs for exact ranges.
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with CIFS/SMB client support compiled into the kernel or loaded as a module, and only when CIFS initialization fails.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel panic leading to system crash and denial of service, potentially causing data loss or service disruption.

🟠 Likely Case: System crash during CIFS filesystem initialization or error conditions, resulting in temporary denial of service.

🟢 If Mitigated: No impact if the vulnerable code path is not triggered during CIFS initialization errors.

🌐 Internet-Facing: LOW - This vulnerability requires local access or ability to trigger CIFS initialization errors.
🏢 Internal Only: MEDIUM - Internal users or services with access to trigger CIFS initialization could cause system crashes.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires triggering the specific error path in the init_cifs() function, which may require specific conditions or malformed CIFS configurations.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits 160235efb4f9b55212dedff5de0094c606c4b303, 193cc89ea0ca1da311877d2b4bb5e9f03bcc82a2, 3739d711246d8fbc95ff73dbdace9741cdce4777, or 6018971710fdc7739f8655c1540832b4bb903671

Vendor Advisory: https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution vendor.
2. Reboot system to load new kernel.
3. Verify kernel version matches patched release.

🔧 Temporary Workarounds

Disable CIFS module

linux

Prevent loading of CIFS kernel module to avoid vulnerable code path

echo 'blacklist cifs' > /etc/modprobe.d/blacklist-cifs.conf
rmmod cifs

Avoid CIFS mounts

linux

Do not mount CIFS/SMB shares to prevent triggering initialization

# Remove CIFS mounts from /etc/fstab
# Avoid using mount -t cifs commands

🧯 If You Can't Patch

  • Restrict access to systems to prevent triggering CIFS initialization errors
  • Implement monitoring for kernel panics and system crashes related to CIFS operations

🔍 How to Verify

Check if Vulnerable:

Check kernel version and verify if it contains the vulnerable code between specific git commits mentioned in references

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes one of the fix commits: 160235efb4f9b55212dedff5de0094c606c4b303, 193cc89ea0ca1da311877d2b4bb5e9f03bcc82a2, 3739d711246d8fbc95ff73dbdace9741cdce4777, or 6018971710fdc7739f8655c1540832b4bb903671

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages in /var/log/kern.log or dmesg
  • CIFS initialization failure messages
  • System crash/reboot events

Network Indicators:

  • Unexpected system reboots of CIFS-enabled servers

SIEM Query:

source="kernel" AND ("panic" OR "Oops") AND "cifs"

🔗 References
