Cyber Posture

CVE-2024-57928

High

Published: 19 January 2025

Modified: 26 September 2025
CVSS Score: 7.1 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H)
EPSS Score: 0.0003 (10.0th percentile)
Risk Priority: 14 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-57928 is a high-severity Out-of-bounds Read (CWE-125) vulnerability in the Linux kernel. Its CVSS base score is 7.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 10.0th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-11 (Error Handling) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Privilege Escalation (T1068) and 1 other technique.

What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

prevent

Timely remediation through kernel patching directly fixes the incomplete ENOMEM error handling in netfs_read_to_pagecache(), preventing exploitation.

prevent

Proper error handling ensures that memory allocation failures like ENOMEM are managed without leading to out-of-bounds reads or resource mismanagement.

prevent

Memory protection mechanisms mitigate the impact of out-of-bounds reads resulting from unhandled ENOMEM conditions in buffered netfs operations.

MITRE ATT&CK Enterprise Techniques

T1068 Exploitation for Privilege Escalation (Privilege Escalation): Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

T1212 Exploitation for Credential Access (Credential Access): Adversaries may exploit software vulnerabilities in an attempt to collect credentials.

Why these techniques?

Local kernel OOB read enables info disclosure (potential credential access) and supports privilege escalation chains via memory leaks; also facilitates local DoS via crashes.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

In the Linux kernel, the following vulnerability has been resolved:

netfs: Fix enomem handling in buffered reads

If netfs_read_to_pagecache() gets an error from either ->prepare_read() or from netfs_prepare_read_iterator(), it needs to decrement ->nr_outstanding, cancel the subrequest and break out of the issuing loop. Currently, it only does this for two of the cases, but there are two more that aren't handled.

Fix this by moving the handling to a common place and jumping to it from all four places. This is in preference to inserting a wrapper around netfs_prepare_read_iterator() as proposed by Dmitry Antipov[1].

Deeper analysis

CVE-2024-57928 is a vulnerability in the Linux kernel's netfs (network filesystem) subsystem, specifically affecting buffered read operations in the netfs_read_to_pagecache() function. The issue stems from incomplete error handling for ENOMEM conditions returned by ->prepare_read() or netfs_prepare_read_iterator(). In some cases, the function fails to decrement the ->nr_outstanding counter, cancel the subrequest, and exit the issuing loop properly, leading to potential out-of-bounds reads (CWE-125). The vulnerability carries a CVSS v3.1 base score of 7.1 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H).

A local attacker with low privileges (PR:L) can exploit this flaw by triggering buffered reads in netfs, potentially causing high confidentiality impact through information disclosure via out-of-bounds reads and high availability impact, such as denial of service from resource exhaustion or crashes. No user interaction is required, and the attack is straightforward given low attack complexity.

Mitigation involves applying the relevant Linux kernel patches, available in the following stable commit references: https://git.kernel.org/stable/c/105549d09a539a876b7c3330ab52d8aceedad358 and https://git.kernel.org/stable/c/88ecdfea1b333de5c51442b45cd549eeadf01852. These commits centralize the ENOMEM handling logic to ensure proper cleanup across all affected code paths. Security practitioners should update affected kernel versions promptly.
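The difference between per-site cleanup and the centralized cleanup described above can be seen in a small userspace model. This is an added example, not the kernel patch or any code from the Linux project: apart from `nr_outstanding`, every name is hypothetical, and the choice of which two of the four failure sites lacked cleanup is an assumption made for illustration.

```c
#include <errno.h>

/* Userspace model only, not kernel code. Apart from nr_outstanding,
 * every name here is hypothetical. */
struct model_rreq {
    int nr_outstanding; /* subrequests issued, not yet completed or cancelled */
    int cancelled;      /* subrequests cancelled on an error path */
};

/* Constructed failure injection: site 0..3 fails with -ENOMEM, -1 = none. */
static int step(int site, int fail_site) { return site == fail_site ? -ENOMEM : 0; }

/* The cleanup every failure site owes: drop the count, cancel the subrequest. */
static void cancel(struct model_rreq *r) { r->nr_outstanding--; r->cancelled++; }

/* Per-site cleanup: sites 2 and 3 leave the loop without it (assumed pair). */
int issue_before(struct model_rreq *r, int fail_site)
{
    int ret = 0;
    for (int i = 0; i < 3; i++) {
        r->nr_outstanding++;
        if ((ret = step(0, fail_site)) < 0) { cancel(r); break; }
        if ((ret = step(1, fail_site)) < 0) { cancel(r); break; }
        if ((ret = step(2, fail_site)) < 0) break;
        if ((ret = step(3, fail_site)) < 0) break;
        r->nr_outstanding--; /* model: subrequest completes at once */
    }
    return ret;
}

/* Centralized cleanup: all four sites jump to one label. */
int issue_after(struct model_rreq *r, int fail_site)
{
    int ret = 0;
    for (int i = 0; i < 3; i++) {
        r->nr_outstanding++;
        if ((ret = step(0, fail_site)) < 0) goto failed;
        if ((ret = step(1, fail_site)) < 0) goto failed;
        if ((ret = step(2, fail_site)) < 0) goto failed;
        if ((ret = step(3, fail_site)) < 0) goto failed;
        r->nr_outstanding--; /* model: subrequest completes at once */
        continue;
failed:
        cancel(r);
        break;
    }
    return ret;
}
```

In the model, a failure at site 2 or 3 in `issue_before()` returns `-ENOMEM` with `nr_outstanding` still at 1, while `issue_after()` returns with the counter balanced for every site.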

Details

CWE(s)

Affected Products

linux
linux kernel
6.13 · 6.12 — 6.12.10

CVEs Like This One

CVE-2026-31449 (same product: Linux Linux Kernel)
CVE-2026-31708 (same product: Linux Linux Kernel)
CVE-2026-23076 (same product: Linux Linux Kernel)
CVE-2026-31528 (same product: Linux Linux Kernel)
CVE-2025-71101 (same product: Linux Linux Kernel)
CVE-2024-57982 (same product: Linux Linux Kernel)
CVE-2025-71136 (same product: Linux Linux Kernel)
CVE-2026-23099 (same product: Linux Linux Kernel)
CVE-2026-23407 (same product: Linux Linux Kernel)
CVE-2025-71112 (same product: Linux Linux Kernel)

References