CVE-2024-57875

5.5 MEDIUM

📋 TL;DR

This CVE addresses a use-after-free vulnerability in the Linux kernel's block layer where the conventional zones bitmap pointer (disk->conv_zones_bitmap) could be accessed after being freed during disk revalidation. This could lead to kernel memory corruption or crashes. The vulnerability affects Linux systems using zoned block devices.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not explicitly stated in CVE description, but patches exist in stable kernel trees.
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems using zoned block devices (e.g., SMR HDDs, ZNS SSDs). Systems without zoned storage are not vulnerable.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel panic leading to system crash, potential privilege escalation if combined with other vulnerabilities, or data corruption on zoned storage devices.

🟠 Likely Case: System instability, kernel crashes, or denial of service affecting zoned block device operations.

🟢 If Mitigated: Minimal impact with proper kernel protections and limited zoned device usage.

🌐 Internet-Facing: LOW - This is a kernel-level vulnerability requiring local access or specific storage operations.
🏢 Internal Only: MEDIUM - Could affect servers using zoned storage devices, potentially causing service disruption.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access and specific operations on zoned block devices. Race condition makes reliable exploitation challenging.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patches available in stable kernel trees (commits 493326c4f10cc71a42c27fdc97ce112182ee4cbc and d7cb6d7414ea1b33536fa6d11805cb8dceec1f97)

Vendor Advisory: https://git.kernel.org/stable/c/493326c4f10cc71a42c27fdc97ce112182ee4cbc

Restart Required: Yes

Instructions:

1. Update to a patched kernel version from your distribution's repositories.
2. Rebuild kernel if using custom kernel.
3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable zoned block device usage

Avoid using zoned storage devices (SMR HDDs, ZNS SSDs) until patched.

🧯 If You Can't Patch

  • Restrict access to systems using zoned storage devices to trusted users only
  • Monitor systems for kernel crashes or instability related to storage operations

🔍 How to Verify

Check if Vulnerable:

Check the kernel version, then check whether the system uses zoned block devices with 'lsblk -o NAME,ZONED' or 'blkzone report /dev/device'.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes the fix commits or is newer than patched versions
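
The zoned-device check from "Check if Vulnerable", written as a script. This is an added example, not part of the original advisory or the kernel project. It reads the kernel's /sys/block/<dev>/queue/zoned attribute directly instead of parsing lsblk output; the function names and the SYSFS_BLOCK override are assumptions introduced for this example.

```shell
#!/bin/sh
# Added example: decide whether a host is in scope for CVE-2024-57875
# by looking for zoned block devices in sysfs.
# SYSFS_BLOCK is a hypothetical override used here so the functions can be
# pointed at a test directory; the default is the real /sys/block.

# Print "<device> <zone model>" for every block device whose queue/zoned
# attribute reports a zoned model (host-managed or host-aware).
list_zoned_devices() {
    root="${1:-/sys/block}"
    for q in "$root"/*/queue/zoned; do
        [ -r "$q" ] || continue      # glob matched nothing, or unreadable
        model=$(cat "$q")
        case "$model" in
            host-managed|host-aware)
                dev=${q%/queue/zoned}
                printf '%s %s\n' "${dev##*/}" "$model"
                ;;
        esac
    done
}

# Exit status 0 if at least one zoned device exists, 1 otherwise.
host_in_scope() {
    [ -n "$(list_zoned_devices "$1")" ]
}

# Human-readable summary for a ticket or an inventory run.
report() {
    root="${1:-/sys/block}"
    if host_in_scope "$root"; then
        echo "Zoned block devices present (running kernel: $(uname -r)):"
        list_zoned_devices "$root" | sed 's/^/  /'
    else
        echo "No zoned block devices found under $root"
    fi
}

report "${SYSFS_BLOCK:-/sys/block}"
```

For hosts that list a zoned device, distribution kernels often backport fixes without changing the upstream version number, so confirm the running kernel against the distribution's advisory for this CVE.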

📡 Detection & Monitoring

Log Indicators:

  • Kernel oops messages
  • System crashes during storage operations
  • dmesg errors related to block layer or memory corruption

SIEM Query:

Search for kernel panic events or storage-related error messages in system logs
