CVE-2024-45003
📋 TL;DR
A race condition in the Linux kernel's inode cache management can cause deadlocks when filesystems with extended attribute features (like ext4 with ea_inode or UBIFS) attempt to look up inodes during eviction. This affects Linux systems using these filesystem features and can lead to system hangs or performance degradation.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
System deadlock requiring hard reboot, causing denial of service and potential data corruption.
Likely Case
Temporary system hangs or performance degradation during heavy filesystem operations.
If Mitigated
Minor performance impact during inode cache management operations.
🎯 Exploit Status
Exploitation requires local access and specific timing conditions during inode cache management.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing commits 03880af02a78bc9a98b5a581f529cf709c88a9b8 and related fixes
Vendor Advisory: https://git.kernel.org/stable/c/03880af02a78bc9a98b5a581f529cf709c88a9b8
Restart Required: Yes
Instructions:
1. Update the Linux kernel to a patched version from the distribution vendor.
2. Reboot the system to load the new kernel.
🔧 Temporary Workarounds
Disable extended attribute inode features
Disable the ea_inode feature on ext4 filesystems to avoid the vulnerable code path:
tune2fs -O ^ea_inode /dev/device
Avoid aggressive cache dropping
Prevent manual cache-dropping operations that could trigger the race condition.
Avoid running: echo 2 > /proc/sys/vm/drop_caches
🧯 If You Can't Patch
- Monitor system for hangs during filesystem operations and restart affected services.
- Implement strict access controls to limit who can perform filesystem operations that trigger extended attribute lookups.
🔍 How to Verify
Check if Vulnerable:
Check kernel version and verify if using ext4 with ea_inode or UBIFS with xattr features.
Check Version:
uname -r
Verify Fix Applied:
Verify kernel version includes fix commits or check with distribution vendor for patched kernel.
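The two facts the verification step asks for (running kernel version and whether ea_inode is enabled on a given ext4 filesystem) can be collected with the script below. It is an added example, not part of the advisory; it assumes `dumpe2fs` from e2fsprogs is installed, and the feature lines at the bottom are constructed samples, not captured from a real system.

```shell
#!/bin/sh
# Added example (not from the advisory): report whether an ext4 filesystem
# carries the ea_inode feature named in the workaround, together with the
# running kernel version, so both verification inputs land in one place.

# has_ea_inode_feature "FEATURES_LINE"
# FEATURES_LINE is the "Filesystem features:" line printed by `dumpe2fs -h`.
# Returns 0 when ea_inode is listed, 1 otherwise.
has_ea_inode_feature() {
    features=${1#*:}            # strip the "Filesystem features:" label
    for f in $features; do      # word-split on whitespace, exact match only
        [ "$f" = "ea_inode" ] && return 0
    done
    return 1
}

# check_device /dev/sdXN
# Runs dumpe2fs (root needed) and prints a one-line verdict.
# Exit status: 0 = ea_inode on, 1 = ea_inode off, 2 = superblock unreadable.
check_device() {
    dev=$1
    line=$(dumpe2fs -h "$dev" 2>/dev/null | grep '^Filesystem features:') || {
        echo "$dev: dumpe2fs failed (not ext2/3/4, or no permission)" >&2
        return 2
    }
    if has_ea_inode_feature "$line"; then
        echo "$dev: ea_inode ENABLED on kernel $(uname -r); confirm the kernel carries the fix"
        return 0
    fi
    echo "$dev: ea_inode not enabled on kernel $(uname -r)"
    return 1
}

# check_mounted_ext4: run check_device for every mounted ext4 filesystem.
check_mounted_ext4() {
    awk '$3 == "ext4" { print $1 }' /proc/mounts | while read -r dev; do
        check_device "$dev" || true
    done
}

# Constructed sample feature lines (not captured from a real system).
SAMPLE_WITH="Filesystem features:      has_journal ext_attr dir_index filetype extent 64bit flex_bg ea_inode metadata_csum"
SAMPLE_WITHOUT="Filesystem features:      has_journal ext_attr dir_index filetype extent 64bit flex_bg metadata_csum"
```

Run `check_mounted_ext4` as root to get a verdict per mounted ext4 filesystem; `has_ea_inode_feature` can be fed a line from an existing `dumpe2fs -h` capture when the device itself is not reachable.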
📡 Detection & Monitoring
Log Indicators:
- System hangs, kernel panic messages, processes stuck in D state (uninterruptible sleep) in process lists
Network Indicators:
- None - local filesystem issue
SIEM Query:
Search for kernel panic logs or processes stuck in uninterruptible sleep (D state) during filesystem operations.
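The host-side checks behind that query, as an added example that is not part of the advisory: one function lists D-state processes from `ps` output, another counts kernel hung-task messages. The `ps` and `dmesg` samples at the bottom are constructed; the hung-task message only appears when the kernel's hung-task detector is enabled, which is an assumption about the monitored host.

```shell
#!/bin/sh
# Added example (not from the advisory): flag processes stuck in
# uninterruptible sleep (D state) and kernel hung-task messages, the
# indicators the advisory lists for this issue.

# d_state_procs "PS_OUTPUT"
# PS_OUTPUT is the text of `ps -eo pid,stat,comm`. Prints "PID COMMAND" for
# every process whose state field starts with D.
d_state_procs() {
    printf '%s\n' "$1" | awk 'NR > 1 && $2 ~ /^D/ { print $1, $3 }'
}

# count_d_state "PS_OUTPUT": number of D-state processes.
count_d_state() {
    d_state_procs "$1" | wc -l | tr -d ' '
}

# hung_task_lines "KMSG": number of hung-task detector messages
# ("INFO: task NAME:PID blocked for more than N seconds.") in the text.
hung_task_lines() {
    printf '%s\n' "$1" | grep -c 'blocked for more than' || true
}

# live_check: run both checks against the live host (dmesg may need root)
# and exit non-zero when either indicator is present, for use from cron.
live_check() {
    ps_out=$(ps -eo pid,stat,comm)
    kmsg=$(dmesg 2>/dev/null || true)
    d=$(count_d_state "$ps_out")
    h=$(hung_task_lines "$kmsg")
    echo "D-state processes: $d, hung-task messages: $h"
    [ "$d" -eq 0 ] && [ "$h" -eq 0 ]
}

# Constructed samples (not captured from a real system).
SAMPLE_PS="  PID STAT COMMAND
    1 Ss   systemd
 1234 D    rsync
 1300 R+   ps
 1401 D+   tar"
SAMPLE_DMESG="[ 1234.567890] INFO: task rsync:1234 blocked for more than 122 seconds.
[ 1234.567900]       Not tainted 6.6.0 #1
[ 1234.567910] \"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" disables this message."
```

A D-state process seen once is normal during heavy I/O; the signal for this issue is the same PID staying in D state across several samples, or a hung-task message naming it.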
🔗 References
- https://git.kernel.org/stable/c/03880af02a78bc9a98b5a581f529cf709c88a9b8
- https://git.kernel.org/stable/c/2a0629834cd82f05d424bbc193374f9a43d1f87d
- https://git.kernel.org/stable/c/3525ad25240dfdd8c78f3470911ed10aa727aa72
- https://git.kernel.org/stable/c/437741eba63bf4e437e2beb5583f8633556a2b98
- https://git.kernel.org/stable/c/9063ab49c11e9518a3f2352434bb276cc8134c5f
- https://git.kernel.org/stable/c/b9bda5f6012dd00372f3a06a82ed8971a4c57c32
- https://git.kernel.org/stable/c/cda54ec82c0f9d05393242b20b13f69b083f7e88
- https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html