CVE-2024-50271 – A Linux kernel vulnerability where the RLIMIT

Q: What is the severity of CVE-2024-50271?

CVE-2024-50271 has a CVSS score of 5.5 (MEDIUM). A Linux kernel vulnerability where the RLIMIT_SIGPENDING resource limit is incorrectly enforced even when override_rlimit is set, preventing proper signal delivery with siginfo. This affects applications that rely on signal handling, particularly Java applications, causing crashes and unpredictable behavior when the signal limit is reached.

📋 TL;DR

A Linux kernel vulnerability where the RLIMIT_SIGPENDING resource limit is incorrectly enforced even when override_rlimit is set, preventing proper signal delivery with siginfo. This affects applications that rely on signal handling, particularly Java applications, causing crashes and unpredictable behavior when the signal limit is reached.

💻 Affected Systems

Products:

Linux kernel

Versions: Kernel versions between commit d64696905554 and the fix commits listed in references

Operating Systems: Linux distributions using affected kernel versions

Default Config Vulnerable: ⚠️ Yes

Notes: Affects systems where RLIMIT_SIGPENDING limit is set and applications generate many signals. Java applications are specifically mentioned as affected.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Critical applications crash or become unresponsive when receiving signals like SIGSEGV, preventing proper error handling and potentially causing data loss or service disruption.

🟠

Likely Case

Java applications and other signal-intensive processes experience crashes or incorrect behavior when the signal queue limit is reached, leading to application failures.

🟢

If Mitigated

With proper monitoring of signal queue limits and application restart policies, impact is limited to temporary service interruptions.

🌐 Internet-Facing: LOW - This vulnerability requires local access or ability to trigger signals within affected processes, not directly exploitable over network.

🏢 Internal Only: MEDIUM - Internal applications, particularly Java-based services, could experience crashes affecting business operations.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: NO

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM - Requires ability to trigger signals in affected processes and reach RLIMIT_SIGPENDING limit

This is a reliability/DoS issue rather than a traditional security exploit. Attackers could potentially crash applications by exhausting signal queue.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions with commits 012f4d5d25e9ef92ee129bd5aa7aa60f692681e1, 0208ea17a1e4456fbfe555f13ae5c28f3d671e40, 4877d9b2a2ebad3ae240127aaa4cb8258b145cf7, or 9e05e5c7ee8758141d2db7e8fea2cab34500c6ed

Vendor Advisory: https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution. 2. Reboot system to load new kernel. 3. Verify kernel version after reboot.

🔧 Temporary Workarounds

Increase RLIMIT_SIGPENDING limit

linux

Temporarily increase the signal queue limit for affected processes to prevent reaching the limit

ulimit -i unlimited
prlimit --pid <PID> --sigpending=unlimited

Monitor and restart affected processes

linux

Monitor signal queue usage and restart processes before they reach critical limits

watch -n 60 'cat /proc/<PID>/limits | grep sigpending'

🧯 If You Can't Patch

Monitor application logs for signal-related crashes and implement automatic restart policies
Increase RLIMIT_SIGPENDING limits system-wide or per-process to reduce likelihood of hitting limits

🔍 How to Verify

Check if Vulnerable:

Check kernel version and compare with affected range. Check if applications are experiencing signal delivery failures.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes one of the fix commits. Test signal-intensive applications for proper behavior.

📡 Detection & Monitoring

Log Indicators:

Application crashes with signal handling errors
Java application failures when receiving SIGSEGV
Kernel logs showing signal queue exhaustion

Network Indicators:

None - this is a local kernel issue

SIEM Query:

source="kernel" AND ("signal" OR "sigqueue" OR "RLIMIT_SIGPENDING") AND ("failed" OR "error" OR "limit")

📊 Metadata

CVE ID: CVE-2024-50271

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-770

Published: November 19, 2024

Last Updated: November 3, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-50271, you might also want to check these: