Login Sign Up

CVE-2024-47693

6.5 MEDIUM

📋 TL;DR

This CVE describes a resource cleanup vulnerability in the Linux kernel's InfiniBand subsystem. When ib_cache_update() fails during device initialization, the system doesn't properly clean up previously allocated GID table resources, leading to a kernel warning and potential resource leaks. This affects systems using InfiniBand or RDMA technologies.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Kernel versions containing the vulnerable code up to fixes in stable releases
Operating Systems: Linux distributions with InfiniBand/RDMA support enabled
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when InfiniBand or RDMA subsystems are enabled and in use. Most desktop systems are not affected.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic or system crash due to resource exhaustion if the warning triggers panic-on-warn configurations, potentially causing denial of service.

🟠

Likely Case

Kernel warning messages in system logs during InfiniBand device initialization failures, with possible minor resource leaks but no direct exploitation.

🟢

If Mitigated

Only kernel warnings in logs with no functional impact if panic-on-warn is disabled.

🌐 Internet-Facing: LOW - Requires local access or InfiniBand network access; not directly exploitable over standard internet protocols.
🏢 Internal Only: MEDIUM - Affects systems with InfiniBand/RDMA infrastructure; could cause service disruption in HPC or storage clusters.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: HIGH

This is an error handling bug, not a traditional security vulnerability. Exploitation would require triggering specific InfiniBand initialization failures.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in Linux kernel stable releases via commits referenced in CVE

Vendor Advisory: https://git.kernel.org/stable/c/1403c8b14765eab805377dd3b75e96ace8747aed

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution. 2. For custom kernels, apply the fix from kernel git repository. 3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable InfiniBand/RDMA if not needed

linux

Prevent the vulnerable code from being loaded by disabling InfiniBand support

modprobe -r ib_core
echo 'blacklist ib_core' >> /etc/modprobe.d/blacklist.conf

🧯 If You Can't Patch

  • Monitor system logs for kernel warnings related to gid_table_release_one
  • Ensure panic-on-warn is disabled (sysctl kernel.panic_on_warn=0)

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if InfiniBand modules are loaded: lsmod | grep ib_

Check Version:

uname -r

Verify Fix Applied:

Check kernel version is patched and monitor dmesg for absence of gid_table_release_one warnings

📡 Detection & Monitoring

Log Indicators:

  • Kernel warnings containing 'gid_table_release_one' in dmesg or /var/log/kern.log

Network Indicators:

  • None - this is a local kernel issue

SIEM Query:

source="kernel" AND "gid_table_release_one" AND "WARNING"

📊 Metadata

CVE ID: CVE-2024-47693
CVSS v3 Score: 6.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-459
Published: October 21, 2024
Last Updated: November 3, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-47693, you might also want to check these:

CVE-2023-36468 9.9

XWiki Platform retains vulnerable old document revisions after upgrades, allowing attackers to explo...

Same vulnerability type (CWE-459)
CVE-2021-45330 9.8

This vulnerability in Gitea allows a malicious user to maintain access to a session even after logou...

Same vulnerability type (CWE-459)
CVE-2021-32928 9.8

This vulnerability in Sentinel LDK Run-Time Environment installer versions 7.6 and prior leaves TCP ...

Same vulnerability type (CWE-459)