CVE-2024-46682
📋 TL;DR
A NULL pointer dereference vulnerability in the Linux kernel's NFS server (nfsd) can cause kernel panics when reading /proc/fs/nfsd/clients/*/states for closed NFSv4.0 files. This affects Linux systems running NFS server with NFSv4.0 protocol enabled. The vulnerability allows denial of service through system crashes.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, requiring manual reboot of affected NFS servers.
Likely Case
System instability or crashes when administrators or monitoring tools read the states file, causing temporary service disruption.
If Mitigated
Minimal impact if proper access controls prevent unauthorized users from reading /proc/fs/nfsd/clients/*/states files.
🎯 Exploit Status
Exploitation requires NFS client access to create closed NFSv4.0 files and the ability to trigger a read of the states file. Not directly remotely exploitable without NFS access.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel commits a204501e1743d695ca2930ed25a2be9f8ced96d3 and ba0b697de298285301c71c258598226e06494236
Vendor Advisory: https://git.kernel.org/stable/c/a204501e1743d695ca2930ed25a2be9f8ced96d3
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing fixes.
2. Check distribution-specific security advisories.
3. Reboot system after kernel update.
4. Verify nfsd service restarts properly.
🔧 Temporary Workarounds
Restrict access to states file
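Prevent reading of /proc/fs/nfsd/clients/*/states files to avoid triggering the vulnerability. These entries live in the kernel's nfsd pseudo-filesystem and are created per client, so the mode change is not persistent and has to be reapplied as clients appear; root can still read the files.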
chmod 600 /proc/fs/nfsd/clients/*/states
chown root:root /proc/fs/nfsd/clients/*/states
Disable NFSv4.0
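Configure the NFS server to offer only NFSv4.1 or later protocols. The nfsd module option nfs4_disable_idmapping only changes ID mapping and leaves NFSv4.0 enabled; instead set vers4.0=n in the [nfsd] section of /etc/nfs.conf (nfs-utils), then restart the server.
systemctl restart nfs-server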
🧯 If You Can't Patch
- Implement strict access controls on /proc/fs/nfsd/clients/*/states files
- Monitor for kernel panic events and have recovery procedures ready
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if nfsd is running with NFSv4.0: 'uname -r' and 'cat /proc/fs/nfsd/versions'
Check Version:
uname -r
Verify Fix Applied:
Verify kernel version includes fixes and test reading /proc/fs/nfsd/clients/*/states after creating/closing NFSv4.0 files
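The "Check if Vulnerable" step asks whether nfsd is serving NFSv4.0, and /proc/fs/nfsd/versions is easy to misread because the kernel never prints "+4.0": minor version 0 is implied by "+4" and appears only as "-4.0" once it is disabled. The script below is an added example, not part of the advisory or the kernel project; the function names and the `--check` argument are hypothetical, and it does not judge whether the running kernel contains the fix.

```shell
#!/bin/sh
# Added example: decide whether nfsd offers NFSv4.0, given the text of
# /proc/fs/nfsd/versions (e.g. "-2 +3 +4 +4.1 +4.2").

# nfsv40_enabled "<versions string>"
# Returns 0 if NFSv4.0 is offered, 1 if it is not.
nfsv40_enabled() {
    v4=no          # state of major version 4
    v40=implied    # state of minor version 4.0 (normally not printed)
    for tok in $1; do
        case "$tok" in
            +4)   v4=yes ;;
            -4)   v4=no ;;
            +4.0) v40=yes ;;   # not emitted by current kernels, accepted anyway
            -4.0) v40=no ;;
        esac
    done
    # 4.0 is served only when v4 is on and 4.0 was not explicitly turned off.
    [ "$v4" = yes ] && [ "$v40" != no ]
}

# check_host: report on the running system (hypothetical helper).
check_host() {
    f=/proc/fs/nfsd/versions
    if [ ! -r "$f" ]; then
        echo "cannot read $f (nfsd not loaded, or not running as root)"
        return 0
    fi
    versions=$(cat "$f")
    echo "kernel:        $(uname -r)"
    echo "nfsd versions: $versions"
    if nfsv40_enabled "$versions"; then
        echo "NFSv4.0 is enabled: confirm the kernel carries the fix commits"
    else
        echo "NFSv4.0 is disabled: the affected code path is not reachable"
    fi
}

# Only touch the live system when asked to.
if [ "${1:-}" = "--check" ]; then
    check_host
fi
```

Run it as root with `--check` on the NFS server; without arguments it only defines the functions.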
📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages in /var/log/messages or dmesg
- NFS server crash logs
- OOM killer events related to nfsd
Network Indicators:
- Sudden NFS service interruption
- Increased NFS error responses
SIEM Query:
source="kernel" AND ("panic" OR "Oops" OR "NULL pointer dereference") AND process="nfsd"