CVE-2024-50278
📋 TL;DR
A Linux kernel vulnerability in the dm-cache subsystem allows out-of-bounds memory access when resuming a cache table after expanding the underlying fast device. This affects systems using device-mapper cache targets for storage optimization. Attackers with local access could potentially crash the system or execute arbitrary code.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash, or potential privilege escalation to kernel-level code execution.
Likely Case
System crash or kernel panic causing denial of service.
If Mitigated
Limited to local attackers with device-mapper configuration privileges.
🎯 Exploit Status
Exploitation requires local access and knowledge of device-mapper cache configuration. The provided reproduction steps demonstrate the trigger condition.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patches available in stable kernel branches (commits: 036dd6e3d263, 13ed3624c6ef, 2222b0929d00, 483b7261b35a, c0ade5d98979)
Vendor Advisory: https://git.kernel.org/stable/c/036dd6e3d2638103e0092864577ea1d091466b86
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution's repositories. 2. Reboot system to load new kernel. 3. Verify kernel version matches patched release.
🔧 Temporary Workarounds
Disable dm-cache usage
linuxAvoid using device-mapper cache targets until patched
# Check for active cache targets: dmsetup table | grep cache
# Remove cache targets if not essential
🧯 If You Can't Patch
- Restrict device-mapper configuration privileges to trusted administrators only
- Monitor for KASAN reports or kernel panics related to dm-cache operations
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if dm-cache is in use: 'dmsetup table | grep cache' and 'uname -r'Check Version:
uname -rVerify Fix Applied:
Verify kernel version is updated to include the fix commits, and test cache resume operations📡 Detection & Monitoring
Log Indicators:
- KASAN reports of vmalloc-out-of-bounds in is_dirty_callback
- Kernel panic logs related to dm-cache
- System logs showing cache resume failures
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("KASAN" OR "out-of-bounds" OR "dm-cache" OR "cache_preresume")🔗 References
- https://git.kernel.org/stable/c/036dd6e3d2638103e0092864577ea1d091466b86
- https://git.kernel.org/stable/c/13ed3624c6ef283acefa4cc42cc8ae54fd4391a4
- https://git.kernel.org/stable/c/2222b0929d00e2d13732b799b63be391b5de4492
- https://git.kernel.org/stable/c/483b7261b35a9d369082ab298a6670912243f0be
- https://git.kernel.org/stable/c/c0ade5d98979585d4f5a93e4514c2e9a65afa08d
- https://git.kernel.org/stable/c/c52ec00cb2f9bebfada22edcc0db385b910a1cdb
- https://git.kernel.org/stable/c/e492f71854ce03474d49e87fd98b8df1f7cd1d2d
- https://git.kernel.org/stable/c/fdef3b94dfebd57e3077a578b6e309a2bb6fa688
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
