CVE-2024-45025

5.5 MEDIUM

📋 TL;DR

A Linux kernel vulnerability in the close_range() system call, when used with the CLOSE_RANGE_UNSHARE flag, can cause bitmap corruption in file descriptor tables. This allows file descriptors to be incorrectly marked as closed when they're actually open, potentially leading to information disclosure or privilege escalation. It affects Linux systems running specific kernel versions where processes use shared file descriptor tables.

💻 Affected Systems

Products:
  • Linux Kernel
Versions: Specific affected versions not specified in CVE, but patches available for stable branches
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires use of close_range() with CLOSE_RANGE_UNSHARE flag on shared file descriptor tables with specific conditions.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case: Privilege escalation through file descriptor confusion allowing unauthorized access to sensitive files or resources, potentially leading to full system compromise.

🟠 Likely Case: Information disclosure through incorrect file descriptor handling, allowing processes to access files they shouldn't be able to access.

🟢 If Mitigated: Limited impact with proper process isolation and minimal use of shared file descriptor tables.

🌐 Internet-Facing: LOW - Requires local access and specific conditions to exploit.
🏢 Internal Only: MEDIUM - Can be exploited by local users or compromised processes on multi-user systems.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

A reproducer exists in the kernel testing suite; triggering the bug requires local access and specific conditions.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patches available in stable kernel branches (commits listed in references)

Vendor Advisory: https://git.kernel.org/stable/c/5053581fe5dfb09b58c65dd8462bf5dea71f41ff

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution vendor.
2. Reboot system to load new kernel.
3. Verify kernel version after reboot.

🔧 Temporary Workarounds

Disable CLOSE_RANGE_UNSHARE usage (Linux)

Avoid using close_range() with the CLOSE_RANGE_UNSHARE flag in applications.

Review application code and remove CLOSE_RANGE_UNSHARE usage.

Restrict process capabilities (Linux)

Limit capabilities of processes that might use close_range().

Use capabilities(7) to restrict CAP_SYS_ADMIN and other privileges.

🧯 If You Can't Patch

  • Implement strict process isolation and minimal privilege principles
  • Monitor for unusual file descriptor behavior and system calls

🔍 How to Verify

Check if Vulnerable:

Check kernel version against patched versions from your distribution vendor

Check Version:

uname -r

Verify Fix Applied:

Run close_range_test from kernel selftests to verify fix

📡 Detection & Monitoring

Log Indicators:

  • Unusual close_range() system calls with CLOSE_RANGE_UNSHARE
  • File descriptor table corruption errors

Network Indicators:

  • None - local vulnerability only

SIEM Query:

process.name: close_range AND syscall.args.flags: CLOSE_RANGE_UNSHARE
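
The log indicator above can be checked directly against auditd SYSCALL records. The following is an added example, not part of the original advisory or of any kernel tooling: it assumes records in the standard auditd text format, produced by an audit rule on syscall 436 (close_range), and tests the third argument (a2, the flags) for CLOSE_RANGE_UNSHARE. The function names and the sample records are constructed for illustration.

```shell
#!/bin/sh
# Added example: find close_range() calls that set CLOSE_RANGE_UNSHARE in auditd logs.
NR_CLOSE_RANGE=436      # __NR_close_range
CLOSE_RANGE_UNSHARE=2   # (1U << 1), from <linux/close_range.h>

# Reads auditd records on stdin, prints one "pid=... comm=... flags=0x..." line per hit.
# Runs in a subshell so that "set -f" (no globbing on word splitting) stays local.
find_unshare_close_range() (
    set -f
    while IFS= read -r line; do
        case "$line" in
            *type=SYSCALL*" syscall=$NR_CLOSE_RANGE "*) ;;
            *) continue ;;
        esac
        a2='' pid='' comm=''
        for field in $line; do
            case "$field" in
                a2=*)   a2=${field#a2=} ;;      # third syscall argument (flags), hex
                pid=*)  pid=${field#pid=} ;;    # pattern does not match ppid=
                comm=*) comm=${field#comm=} ;;
            esac
        done
        # Skip records whose a2 is missing or not plain hex.
        case "$a2" in ''|*[!0-9a-fA-F]*) continue ;; esac
        if [ $(( 0x$a2 & CLOSE_RANGE_UNSHARE )) -ne 0 ]; then
            printf 'pid=%s comm=%s flags=0x%s\n' "$pid" "$comm" "$a2"
        fi
    done
)

# Constructed sample records (not taken from a real system).
sample_audit_log() {
    cat <<'EOF'
type=SYSCALL msg=audit(1700000000.101:901): arch=c000003e syscall=436 success=yes exit=0 a0=3 a1=ffffffff a2=2 a3=0 items=0 ppid=4000 pid=4242 uid=1000 comm="worker" exe="/usr/local/bin/worker" key="close_range"
type=SYSCALL msg=audit(1700000000.205:902): arch=c000003e syscall=436 success=yes exit=0 a0=3 a1=ffffffff a2=0 a3=0 items=0 ppid=4000 pid=4250 uid=1000 comm="daemon" exe="/usr/sbin/daemon" key="close_range"
type=SYSCALL msg=audit(1700000000.310:903): arch=c000003e syscall=436 success=yes exit=0 a0=a a1=ffffffff a2=6 a3=0 items=0 ppid=4000 pid=4300 uid=1000 comm="launcher" exe="/usr/bin/launcher" key="close_range"
type=SYSCALL msg=audit(1700000000.412:904): arch=c000003e syscall=3 success=yes exit=0 a0=5 a1=0 a2=2 a3=0 items=0 ppid=4000 pid=4310 uid=1000 comm="other" exe="/usr/bin/other" key="close"
EOF
}

sample_audit_log | find_unshare_close_range
```

On a live host the function would read the audit log instead of the sample, for example `find_unshare_close_range < /var/log/audit/audit.log`, where the log path depends on the distribution.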

🔗 References
