CVE-2024-45026 – This vulnerability in the Linux kernel's s390/d... (How to Fix)

Q: What is the severity of CVE-2024-45026?

CVE-2024-45026 has a CVSS score of 7.8 (HIGH). This vulnerability in the Linux kernel's s390/dasd driver for IBM mainframe storage devices can lead to data corruption on Extent Space Efficient (ESE) thin-provisioned volumes during error recovery scenarios. The flawed error handling logic may misinterpret certain error conditions, causing improper formatting operations that corrupt existing data. This affects Linux systems running on IBM s390/zSeries architecture with ESE storage devices.

📋 TL;DR

This vulnerability in the Linux kernel's s390/dasd driver for IBM mainframe storage devices can lead to data corruption on Extent Space Efficient (ESE) thin-provisioned volumes during error recovery scenarios. The flawed error handling logic may misinterpret certain error conditions, causing improper formatting operations that corrupt existing data. This affects Linux systems running on IBM s390/zSeries architecture with ESE storage devices.

💻 Affected Systems

Products:

Linux kernel

Versions: Specific kernel versions with the vulnerable dasd driver code; check git commits for exact ranges

Operating Systems: Linux on IBM s390/zSeries architecture

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems using DASD (Direct Access Storage Device) drivers with ESE (Extent Space Efficient) thin-provisioned storage volumes. Requires specific error conditions during storage operations.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Permanent data corruption or loss on thin-provisioned storage volumes during storage server maintenance events like warmstarts, potentially affecting critical business data.

🟠

Likely Case

Data corruption during storage subsystem error recovery scenarios, leading to application errors, data inconsistencies, or system instability.

🟢

If Mitigated

Minimal impact if systems are patched before encountering the specific error conditions that trigger the vulnerability.

🌐 Internet-Facing: LOW - This is a storage subsystem vulnerability requiring local access to s390 systems with specific storage configurations.

🏢 Internal Only: MEDIUM - Affects internal IBM mainframe systems with ESE storage; exploitation requires specific error conditions but could impact critical business data.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: HIGH - Requires triggering specific storage error conditions on s390 systems with ESE storage

Exploitation requires local access to trigger the error handling path and specific storage subsystem conditions. No public exploits known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits: 0a228896a1b3654cd461ff654f6a64e97a9c3246, 19f60a55b2fda49bc4f6134a5f6356ef62ee69d8, 5d4a304338daf83ace2887aaacafd66fe99ed5cc, 7db4042336580dfd75cb5faa82c12cd51098c90b, 93a7e2856951680cd7fe6ebd705ac10c8a8a5efd

Vendor Advisory: https://git.kernel.org/stable/c/0a228896a1b3654cd461ff654f6a64e97a9c3246

Restart Required: Yes

Instructions:

1. Update to a patched Linux kernel version containing the fix commits. 2. For enterprise distributions, apply vendor-provided kernel updates. 3. Reboot the system to load the patched kernel.

🔧 Temporary Workarounds

Disable ESE volumes

linux

Temporarily disable or avoid using Extent Space Efficient thin-provisioned volumes on affected s390 systems

Avoid storage warmstarts during operations

linux

Schedule storage maintenance during maintenance windows and avoid warmstarts during active operations

🧯 If You Can't Patch

Implement rigorous backup procedures for ESE volumes to enable recovery from potential corruption
Monitor storage subsystem logs for error conditions that could trigger the vulnerability

🔍 How to Verify

Check if Vulnerable:

Check kernel version and verify if dasd driver with vulnerable code is loaded: 'uname -r' and 'lsmod | grep dasd'

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits: 'uname -r' and check git commit history for the dasd driver

📡 Detection & Monitoring

Log Indicators:

Storage subsystem errors on s390 systems with ESE volumes
DASD driver error messages during format operations
Unexpected storage formatting events

SIEM Query:

source="kernel" AND "dasd" AND ("error" OR "format" OR "ESE")

📊 Metadata

CVE ID: CVE-2024-45026

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-787

Published: September 11, 2024

Last Updated: November 3, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-45026, you might also want to check these: