CVE-2024-50121

7.8 HIGH

📋 TL;DR

A race condition vulnerability in the Linux kernel's NFS server (nfsd) can cause use-after-free errors and kernel warnings when shutting down NFS services. This occurs when the nfsd_client_shrinker work runs concurrently with nfsd shutdown operations, leading to improper resource cleanup. Systems running affected Linux kernel versions with NFS server enabled are vulnerable.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not explicitly stated in CVE, but references indicate fixes in stable kernel trees. Likely affects recent kernel versions before fixes were backported.
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when NFS server (nfsd) is enabled and running. Systems not using NFS server functionality are not affected.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic or system crash leading to denial of service; privilege escalation is potentially possible if the memory corruption leads to code execution.

🟠

Likely Case

System instability, kernel warnings in logs, and denial of service when NFS services are stopped or restarted.

🟢

If Mitigated

Minor performance impact during NFS shutdown operations with proper synchronization.

🌐 Internet-Facing: MEDIUM - NFS servers exposed to untrusted networks could be targeted to trigger crashes, but exploitation requires NFS service manipulation.
🏢 Internal Only: LOW - Requires local access or ability to manipulate NFS server state, typically limited to administrators or authorized users.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires ability to trigger NFS server shutdown operations, typically requiring local or administrative access. Race condition timing makes reliable exploitation challenging.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in Linux kernel stable releases via commits: 36775f42e039b01d4abe8998bf66771a37d3cdcc, 5ade4382de16c34d9259cb548f36ec5c4555913c, add1df5eba163a3a6ece11cb85890e2e410baaea, d5ff2fb2e7167e9483846e34148e60c0c016a1f6, f67138dd338cb564ade7d3755c8cd4f68b46d397

Vendor Advisory: https://git.kernel.org/stable/c/36775f42e039b01d4abe8998bf66771a37d3cdcc

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution vendor.
2. Reboot system to load new kernel.
3. Verify NFS services restart properly.

🔧 Temporary Workarounds

Disable NFS server

linux

If NFS server functionality is not required, disable it to eliminate the vulnerability.

systemctl stop nfs-server
systemctl disable nfs-server

Avoid manual NFS shutdown

linux

Avoid writing '0' to /proc/fs/nfsd/threads, which triggers the vulnerable code path.

🧯 If You Can't Patch

  • Monitor system logs for kernel warnings related to nfsd_file or nfsd_file_mark objects
  • Implement strict access controls to prevent unauthorized users from manipulating NFS server state

🔍 How to Verify

Check if Vulnerable:

Check the kernel version and whether the NFS server is running: 'uname -r' and 'systemctl status nfs-server' or 'ps aux | grep nfsd'

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits and test NFS shutdown: 'echo 0 > /proc/fs/nfsd/threads' followed by restart, monitor logs for absence of warnings.

📡 Detection & Monitoring

Log Indicators:

  • Kernel warnings with 'BUG nfsd_file' or 'BUG nfsd_file_mark' in dmesg or system logs
  • Use-after-free errors in kernel logs during NFS operations

Network Indicators:

  • Unexpected NFS service restarts or failures

SIEM Query:

source="kernel" AND ("nfsd_file" OR "nfsd_file_mark") AND ("BUG" OR "warning" OR "use-after-free")
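
The exposure check and log indicators above, combined into one triage script. This is an added example, not vendor or kernel code; the function names, the script name nfsd_triage.sh and the sample log lines are constructed for illustration.

```sh
#!/bin/sh
# Added example (not vendor or kernel code): triage helper for CVE-2024-50121.

# Print the nfsd thread count; 0 means the NFS server is not running.
# The path is a parameter so the check can be exercised on a sample file.
nfsd_threads() {
    f="${1:-/proc/fs/nfsd/threads}"
    if [ -r "$f" ]; then awk 'NR==1 { print $1 + 0 }' "$f"; else echo 0; fi
}

# Filter kernel log lines on stdin with the same logic as the SIEM query:
# nfsd_file / nfsd_file_mark AND (BUG OR warning OR use-after-free).
scan_nfsd_indicators() {
    awk '{ l = tolower($0) }
         l ~ /nfsd_file/ && l ~ /bug|warning|use-after-free/'
}

# Constructed sample log lines (not captured from a real system).
sample_log() {
    cat <<'EOF'
[  101.000001] BUG nfsd_file (Not tainted): Objects remaining in nfsd_file on __kmem_cache_shutdown()
[  101.000002] BUG nfsd_file_mark (Not tainted): Objects remaining in nfsd_file_mark on __kmem_cache_shutdown()
[  101.000003] nfsd: last server has exited, flushing export cache
[  101.000004] BUG: KASAN: slab-use-after-free in example_unrelated_fn+0x0/0x0
EOF
}

# Summarise exposure: triage THREADS_FILE < kernel-log
triage() {
    n=$(nfsd_threads "$1")
    hits=$(scan_nfsd_indicators | wc -l | tr -d ' ')
    echo "kernel=$(uname -r) nfsd_threads=$n indicator_lines=$hits"
}

# Live use: sh nfsd_triage.sh --live   (reads the running kernel's log)
if [ "${1:-}" = "--live" ]; then
    dmesg | triage /proc/fs/nfsd/threads
fi
```

The fourth sample line is deliberately unrelated to nfsd and is not counted, which shows why the filter requires the nfsd_file term as well as the BUG or use-after-free term.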
