CVE-2024-50229
📋 TL;DR
A race condition in the Linux kernel's nilfs2 filesystem can cause a deadlock when creating symbolic links, potentially leading to denial of service. This affects systems using the nilfs2 filesystem with vulnerable kernel versions. The vulnerability requires local access to trigger.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
System deadlock requiring hard reboot, causing extended downtime and potential data corruption in nilfs2 filesystems.
Likely Case
Local denial of service through system hang or crash when creating symlinks on nilfs2 filesystems.
If Mitigated
Minimal impact if nilfs2 filesystem is not used or system has been patched.
🎯 Exploit Status
Requires local access and ability to create symlinks on nilfs2 filesystem. Discovered through syzbot fuzzing.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions with commits 1246d86e7bbde265761932c6e2dce28c69cdcb91 or later
Vendor Advisory: https://git.kernel.org/stable/c/1246d86e7bbde265761932c6e2dce28c69cdcb91
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution. 2. Reboot system to load new kernel. 3. Verify nilfs2 module loads correctly if needed.
🔧 Temporary Workarounds
Disable nilfs2 filesystem
linuxPrevent loading of nilfs2 kernel module to eliminate attack surface
echo 'install nilfs2 /bin/false' >> /etc/modprobe.d/disable-nilfs2.conf
rmmod nilfs2 2>/dev/null || true
Restrict symlink creation
linuxLimit ability to create symlinks on nilfs2 filesystems
chmod -R 755 /path/to/nilfs2/mount
setfacl -R -m u:user:rx /path/to/nilfs2/mount
🧯 If You Can't Patch
- Avoid using nilfs2 filesystem for critical systems
- Implement strict access controls to limit who can create symlinks on nilfs2 filesystems
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if nilfs2 module is loaded: 'uname -r' and 'lsmod | grep nilfs2'Check Version:
uname -rVerify Fix Applied:
Verify kernel version includes fix commit: 'grep -i nilfs /proc/version' or check kernel source📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- System hang/crash events
- nilfs2 module loading errors in dmesg
Network Indicators:
- None - local filesystem issue
SIEM Query:
source="kernel" AND ("nilfs2" OR "deadlock" OR "segctor_sem")🔗 References
- https://git.kernel.org/stable/c/1246d86e7bbde265761932c6e2dce28c69cdcb91
- https://git.kernel.org/stable/c/58c7f44c7b9e5ac7e3b1e5da2572ed7767a12f38
- https://git.kernel.org/stable/c/69548bb663fcb63f9ee0301be808a36b9d78dac3
- https://git.kernel.org/stable/c/9aa5d43ac4cace8fb9bd964ff6c23f599dc3cd24
- https://git.kernel.org/stable/c/a1686db1e59f8fc016c4c9361e2119dd206f479a
- https://git.kernel.org/stable/c/b3a033e3ecd3471248d474ef263aadc0059e516a
- https://git.kernel.org/stable/c/c72e0df0b56c1166736dc8eb62070ebb12591447
- https://git.kernel.org/stable/c/cc38c596e648575ce58bfc31623a6506eda4b94a
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
