CVE-2024-58058
📋 TL;DR
This CVE describes a null pointer dereference vulnerability in the Linux kernel's UBIFS filesystem implementation. When slab cache is cleared, it can cause the UBIFS tnc tree dumping function to access a null pointer, potentially causing a kernel panic. This affects systems using UBIFS filesystem with specific kernel versions.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially causing data corruption or loss if filesystem operations are interrupted.
Likely Case
System crash or kernel panic when specific UBIFS operations are performed after slab cache clearing, resulting in denial of service.
If Mitigated
No impact if the vulnerable code path is not triggered or if systems don't use UBIFS filesystem.
🎯 Exploit Status
Requires local access and ability to trigger specific UBIFS operations. The vulnerability is in a specific code path that may not be frequently executed.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patches available in kernel git commits referenced in CVE
Vendor Advisory: https://git.kernel.org/stable/c/1787cd67bb94b106555ffe64f887f6aa24b47010
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version. 2. Check with your distribution vendor for specific kernel updates. 3. Reboot system after kernel update.
🔧 Temporary Workarounds
Disable UBIFS if not needed
linuxIf UBIFS filesystem is not required, disable it in kernel configuration or avoid using it.
🧯 If You Can't Patch
- Restrict local user access to systems using UBIFS
- Monitor for kernel panic events and investigate UBIFS-related crashes
🔍 How to Verify
Check if Vulnerable:
Check kernel version and UBIFS usage: 'uname -r' and check if UBIFS is mounted or in useCheck Version:
uname -rVerify Fix Applied:
Verify kernel version is updated beyond vulnerable versions and test UBIFS operations📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- UBIFS error messages in dmesg
- System crash logs
Network Indicators:
- None - local vulnerability
SIEM Query:
Search for 'kernel panic' or 'UBIFS' in system logs with timestamps matching system crashes🔗 References
- https://git.kernel.org/stable/c/1787cd67bb94b106555ffe64f887f6aa24b47010
- https://git.kernel.org/stable/c/2a987950df825d0144370e700dc5fb337684ffba
- https://git.kernel.org/stable/c/40e25a3c0063935763717877bb2a814c081509ff
- https://git.kernel.org/stable/c/428aff8f7cfb0d9a8854477648022cef96bcab28
- https://git.kernel.org/stable/c/6211c11fc20424bbc6d79c835c7c212b553ae898
- https://git.kernel.org/stable/c/77e5266e3d3faa6bdcf20d9c68a8972f6aa06522
- https://git.kernel.org/stable/c/bdb0ca39e0acccf6771db49c3f94ed787d05f2d7
- https://git.kernel.org/stable/c/e01b55f261ccc96e347eba4931e4429d080d879d
- https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html
- https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html
