CVE-2024-53121 – A race condition vulnerability in the Linux ker... (How to Fix)

Q: What is the severity of CVE-2024-53121?

CVE-2024-53121 has a CVSS score of 5.5 (MEDIUM). A race condition vulnerability in the Linux kernel's mlx5 network driver allows simultaneous deletion and addition of flow table entries (FTEs) to cause a kernel panic. This affects systems using Mellanox network adapters with the mlx5 driver, potentially leading to denial of service.

📋 TL;DR

A race condition vulnerability in the Linux kernel's mlx5 network driver allows simultaneous deletion and addition of flow table entries (FTEs) to cause a kernel panic. This affects systems using Mellanox network adapters with the mlx5 driver, potentially leading to denial of service.

💻 Affected Systems

Products:

Linux kernel mlx5 network driver

Versions: Linux kernel versions with vulnerable mlx5 driver commits, specifically around 6.12.0-rc1 and related stable branches

Operating Systems: Linux distributions using affected kernel versions

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems with Mellanox network adapters using the mlx5 driver. Requires concurrent flow rule modifications to trigger.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to system crash and complete denial of service, requiring physical or remote console access to reboot.

🟠

Likely Case

System instability or crash when network rules are being modified concurrently, disrupting network connectivity and services.

🟢

If Mitigated

Minor performance impact from additional locking overhead during flow rule operations.

🌐 Internet-Facing: LOW - Requires local access or ability to manipulate network rules through privileged interfaces.

🏢 Internal Only: MEDIUM - Could be triggered by legitimate administrative actions or automated network management tools.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: NO

Unauthenticated Exploit: ✅ No

Complexity: HIGH - Requires precise timing of concurrent flow rule operations

Exploitation requires ability to create and delete network flow rules, typically requiring root or CAP_NET_ADMIN privileges.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patches available in kernel commits: 094d1a2121cee1e85ab07d74388f94809dcfb5b9, 0d568258f99f2076ab02e9234cbabbd43e12f30e, 5b47c2f47c2fe921681f4a4fe2790375e6c04cdd, 933ef0d17f012b653e9e6006e3f50c8d0238b5ed, 9ca314419930f9135727e39d77e66262d5f7bef6

Vendor Advisory: https://git.kernel.org/stable/c/094d1a2121cee1e85ab07d74388f94809dcfb5b9

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits. 2. Reboot system to load new kernel. 3. Verify mlx5 driver is using patched code.

🔧 Temporary Workarounds

Limit concurrent flow rule modifications

linux

Avoid simultaneous addition and deletion of network flow rules through administrative controls

Disable mlx5 driver if not needed

linux

Remove or blacklist mlx5 driver if Mellanox hardware is not required

echo 'blacklist mlx5_core' >> /etc/modprobe.d/blacklist-mlx5.conf
update-initramfs -u
reboot

🧯 If You Can't Patch

Implement strict change control for network rule modifications to prevent concurrent operations
Monitor system logs for kernel panic indicators and have rapid recovery procedures ready

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if mlx5 driver is loaded: uname -r && lsmod | grep mlx5

Check Version:

uname -r

Verify Fix Applied:

Verify kernel includes fix commits: git log --oneline | grep -E '094d1a2|0d56825|5b47c2f|933ef0d|9ca3144'

📡 Detection & Monitoring

Log Indicators:

Kernel panic messages
'refcount_t: decrement hit 0' warnings
mlx5_del_flow_rules errors in dmesg

Network Indicators:

Sudden loss of network connectivity on mlx5 interfaces
Increased system crashes during network configuration changes

SIEM Query:

source="kernel" AND ("refcount_warn_saturate" OR "mlx5_del_flow_rules" OR "panic")

📊 Metadata

CVE ID: CVE-2024-53121

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-362

Published: December 2, 2024

Last Updated: November 3, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-53121, you might also want to check these: