CVE-2024-42252: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved: closures: Change BUG_ON() to WARN_ON() If a BUG_ON() can be hit in the wild, it shouldn't be a BUG_ON() For reference, this has popped up once in the CI, and we'll need more info to debug it: 03240 ------------[ cut here ]------------ 03240 kernel BUG at lib/closure.c:21! 03240 kernel BUG at lib/closure.c:21! 03240 Internal error: Oops - BUG: 00000000f2000800 [#1] SMP 03240 Modules linked in: 03240 CPU: 15 PID: 40534 Comm: kworker/u80:1 Not tainted 6.10.0-rc4-ktest-ga56da69799bd #25570 03240 Hardware name: linux,dummy-virt (DT) 03240 Workqueue: btree_update btree_interior_update_work 03240 pstate: 00001005 (nzcv daif -PAN -UAO -TCO -DIT +SSBS BTYPE=--) 03240 pc : closure_put+0x224/0x2a0 03240 lr : closure_put+0x24/0x2a0 03240 sp : ffff0000d12071c0 03240 x29: ffff0000d12071c0 x28: dfff800000000000 x27: ffff0000d1207360 03240 x26: 0000000000000040 x25: 0000000000000040 x24: 0000000000000040 03240 x23: ffff0000c1f20180 x22: 0000000000000000 x21: ffff0000c1f20168 03240 x20: 0000000040000000 x19: ffff0000c1f20140 x18: 0000000000000001 03240 x17: 0000000000003aa0 x16: 0000000000003ad0 x15: 1fffe0001c326974 03240 x14: 0000000000000a1e x13: 0000000000000000 x12: 1fffe000183e402d 03240 x11: ffff6000183e402d x10: dfff800000000000 x9 : ffff6000183e402e 03240 x8 : 0000000000000001 x7 : 00009fffe7c1bfd3 x6 : ffff0000c1f2016b 03240 x5 : ffff0000c1f20168 x4 : ffff6000183e402e x3 : ffff800081391954 03240 x2 : 0000000000000001 x1 : 0000000000000000 x0 : 00000000a8000000 03240 Call trace: 03240 closure_put+0x224/0x2a0 03240 bch2_check_for_deadlock+0x910/0x1028 03240 bch2_six_check_for_deadlock+0x1c/0x30 03240 six_lock_slowpath.isra.0+0x29c/0xed0 03240 six_lock_ip_waiter+0xa8/0xf8 03240 __bch2_btree_node_lock_write+0x14c/0x298 03240 bch2_trans_lock_write+0x6d4/0xb10 03240 __bch2_trans_commit+0x135c/0x5520 03240 btree_interior_update_work+0x1248/0x1c10 03240 process_scheduled_works+0x53c/0xd90 03240 worker_thread+0x370/0x8c8 03240 kthread+0x258/0x2e8 03240 ret_from_fork+0x10/0x20 03240 Code: aa1303e0 d63f0020 a94363f7 17ffff8c (d4210000) 03240 ---[ end trace 0000000000000000 ]--- 03240 Kernel panic - not syncing: Oops - BUG: Fatal exception 03240 SMP: stopping secondary CPUs 03241 SMP: failed to stop secondary CPUs 13,15 03241 Kernel Offset: disabled 03241 CPU features: 0x00,00000003,80000008,4240500b 03241 Memory Limit: none 03241 ---[ end Kernel panic - not syncing: Oops - BUG: Fatal exception ]--- 03246 ========= FAILED TIMEOUT copygc_torture_no_checksum in 7200s
AI Analysis
Technical Summary
CVE-2024-42252 is a vulnerability identified in the Linux kernel, specifically related to the handling of kernel BUG_ON() macros within the closure subsystem (lib/closure.c). The issue arises from the use of BUG_ON(), which triggers a kernel panic when a certain condition is met, indicating a fatal error. The vulnerability was discovered when a BUG_ON() condition was hit during continuous integration testing, causing kernel oops and panic events. The kernel stack trace shows that the failure occurs in the closure_put function, which is part of the kernel's closure management, and propagates through various kernel functions related to btree locking and transaction commits. The root cause appears to be an unexpected state that should not occur in normal operation but was previously guarded by BUG_ON(), which forcibly halts the kernel. The patch replaces BUG_ON() with WARN_ON(), which logs a warning instead of crashing the kernel, allowing the system to continue running while signaling a potential issue. This change suggests that the condition triggering the BUG_ON() can occur in real-world scenarios, and crashing the kernel is not an appropriate response. Although no known exploits are reported in the wild, the vulnerability can cause denial of service (DoS) by crashing the kernel, leading to system unavailability. The affected versions are specific Linux kernel commits identified by their hashes, indicating this is a recent and targeted fix in the kernel source. The vulnerability does not have a CVSS score assigned yet, but the technical details and kernel panic logs indicate a serious stability issue that could impact systems running affected kernel versions.
Potential Impact
For European organizations, this vulnerability poses a risk primarily in terms of system availability and stability. Linux is widely used across Europe in servers, cloud infrastructure, embedded devices, and critical systems. A kernel panic triggered by this vulnerability can cause unexpected system crashes, leading to downtime and potential disruption of services. Organizations relying on Linux for critical infrastructure, including telecommunications, finance, healthcare, and government services, may experience operational interruptions. Although the vulnerability does not directly expose confidentiality or integrity risks, the denial of service impact can indirectly affect business continuity and service reliability. Additionally, systems that require high availability, such as data centers and cloud providers in Europe, could face increased maintenance overhead and risk of outages if running vulnerable kernel versions. The lack of known exploits reduces immediate risk, but the presence of a kernel panic condition means that attackers or faulty workloads could potentially trigger this vulnerability to cause disruption. The impact is thus significant for operational continuity but does not appear to allow privilege escalation or remote code execution based on current information.
Mitigation Recommendations
European organizations should prioritize updating their Linux kernel to the latest stable version that includes the fix replacing BUG_ON() with WARN_ON() in the closure subsystem. Kernel upgrades should be tested in staging environments to ensure compatibility with existing workloads. Monitoring kernel logs for WARN_ON() messages related to closure_put or btree operations can help detect attempts to trigger this condition before it escalates to a panic. Organizations should also review and harden workloads that interact with the btree and closure subsystems, particularly those performing heavy transactional operations, to minimize triggering the vulnerable code paths. Employing kernel live patching solutions where available can reduce downtime during patch deployment. For embedded or specialized Linux distributions, vendors should be contacted to ensure timely patch integration. Additionally, implementing robust system monitoring and automated reboot procedures can help mitigate the impact of unexpected kernel panics. Finally, maintaining comprehensive backups and disaster recovery plans will reduce operational risk in case of system crashes.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Italy, Spain, Poland
CVE-2024-42252: Vulnerability in Linux Linux
Description
In the Linux kernel, the following vulnerability has been resolved: closures: Change BUG_ON() to WARN_ON() If a BUG_ON() can be hit in the wild, it shouldn't be a BUG_ON() For reference, this has popped up once in the CI, and we'll need more info to debug it: 03240 ------------[ cut here ]------------ 03240 kernel BUG at lib/closure.c:21! 03240 kernel BUG at lib/closure.c:21! 03240 Internal error: Oops - BUG: 00000000f2000800 [#1] SMP 03240 Modules linked in: 03240 CPU: 15 PID: 40534 Comm: kworker/u80:1 Not tainted 6.10.0-rc4-ktest-ga56da69799bd #25570 03240 Hardware name: linux,dummy-virt (DT) 03240 Workqueue: btree_update btree_interior_update_work 03240 pstate: 00001005 (nzcv daif -PAN -UAO -TCO -DIT +SSBS BTYPE=--) 03240 pc : closure_put+0x224/0x2a0 03240 lr : closure_put+0x24/0x2a0 03240 sp : ffff0000d12071c0 03240 x29: ffff0000d12071c0 x28: dfff800000000000 x27: ffff0000d1207360 03240 x26: 0000000000000040 x25: 0000000000000040 x24: 0000000000000040 03240 x23: ffff0000c1f20180 x22: 0000000000000000 x21: ffff0000c1f20168 03240 x20: 0000000040000000 x19: ffff0000c1f20140 x18: 0000000000000001 03240 x17: 0000000000003aa0 x16: 0000000000003ad0 x15: 1fffe0001c326974 03240 x14: 0000000000000a1e x13: 0000000000000000 x12: 1fffe000183e402d 03240 x11: ffff6000183e402d x10: dfff800000000000 x9 : ffff6000183e402e 03240 x8 : 0000000000000001 x7 : 00009fffe7c1bfd3 x6 : ffff0000c1f2016b 03240 x5 : ffff0000c1f20168 x4 : ffff6000183e402e x3 : ffff800081391954 03240 x2 : 0000000000000001 x1 : 0000000000000000 x0 : 00000000a8000000 03240 Call trace: 03240 closure_put+0x224/0x2a0 03240 bch2_check_for_deadlock+0x910/0x1028 03240 bch2_six_check_for_deadlock+0x1c/0x30 03240 six_lock_slowpath.isra.0+0x29c/0xed0 03240 six_lock_ip_waiter+0xa8/0xf8 03240 __bch2_btree_node_lock_write+0x14c/0x298 03240 bch2_trans_lock_write+0x6d4/0xb10 03240 __bch2_trans_commit+0x135c/0x5520 03240 btree_interior_update_work+0x1248/0x1c10 03240 process_scheduled_works+0x53c/0xd90 03240 worker_thread+0x370/0x8c8 03240 kthread+0x258/0x2e8 03240 ret_from_fork+0x10/0x20 03240 Code: aa1303e0 d63f0020 a94363f7 17ffff8c (d4210000) 03240 ---[ end trace 0000000000000000 ]--- 03240 Kernel panic - not syncing: Oops - BUG: Fatal exception 03240 SMP: stopping secondary CPUs 03241 SMP: failed to stop secondary CPUs 13,15 03241 Kernel Offset: disabled 03241 CPU features: 0x00,00000003,80000008,4240500b 03241 Memory Limit: none 03241 ---[ end Kernel panic - not syncing: Oops - BUG: Fatal exception ]--- 03246 ========= FAILED TIMEOUT copygc_torture_no_checksum in 7200s
AI-Powered Analysis
Technical Analysis
CVE-2024-42252 is a vulnerability identified in the Linux kernel, specifically related to the handling of kernel BUG_ON() macros within the closure subsystem (lib/closure.c). The issue arises from the use of BUG_ON(), which triggers a kernel panic when a certain condition is met, indicating a fatal error. The vulnerability was discovered when a BUG_ON() condition was hit during continuous integration testing, causing kernel oops and panic events. The kernel stack trace shows that the failure occurs in the closure_put function, which is part of the kernel's closure management, and propagates through various kernel functions related to btree locking and transaction commits. The root cause appears to be an unexpected state that should not occur in normal operation but was previously guarded by BUG_ON(), which forcibly halts the kernel. The patch replaces BUG_ON() with WARN_ON(), which logs a warning instead of crashing the kernel, allowing the system to continue running while signaling a potential issue. This change suggests that the condition triggering the BUG_ON() can occur in real-world scenarios, and crashing the kernel is not an appropriate response. Although no known exploits are reported in the wild, the vulnerability can cause denial of service (DoS) by crashing the kernel, leading to system unavailability. The affected versions are specific Linux kernel commits identified by their hashes, indicating this is a recent and targeted fix in the kernel source. The vulnerability does not have a CVSS score assigned yet, but the technical details and kernel panic logs indicate a serious stability issue that could impact systems running affected kernel versions.
Potential Impact
For European organizations, this vulnerability poses a risk primarily in terms of system availability and stability. Linux is widely used across Europe in servers, cloud infrastructure, embedded devices, and critical systems. A kernel panic triggered by this vulnerability can cause unexpected system crashes, leading to downtime and potential disruption of services. Organizations relying on Linux for critical infrastructure, including telecommunications, finance, healthcare, and government services, may experience operational interruptions. Although the vulnerability does not directly expose confidentiality or integrity risks, the denial of service impact can indirectly affect business continuity and service reliability. Additionally, systems that require high availability, such as data centers and cloud providers in Europe, could face increased maintenance overhead and risk of outages if running vulnerable kernel versions. The lack of known exploits reduces immediate risk, but the presence of a kernel panic condition means that attackers or faulty workloads could potentially trigger this vulnerability to cause disruption. The impact is thus significant for operational continuity but does not appear to allow privilege escalation or remote code execution based on current information.
Mitigation Recommendations
European organizations should prioritize updating their Linux kernel to the latest stable version that includes the fix replacing BUG_ON() with WARN_ON() in the closure subsystem. Kernel upgrades should be tested in staging environments to ensure compatibility with existing workloads. Monitoring kernel logs for WARN_ON() messages related to closure_put or btree operations can help detect attempts to trigger this condition before it escalates to a panic. Organizations should also review and harden workloads that interact with the btree and closure subsystems, particularly those performing heavy transactional operations, to minimize triggering the vulnerable code paths. Employing kernel live patching solutions where available can reduce downtime during patch deployment. For embedded or specialized Linux distributions, vendors should be contacted to ensure timely patch integration. Additionally, implementing robust system monitoring and automated reboot procedures can help mitigate the impact of unexpected kernel panics. Finally, maintaining comprehensive backups and disaster recovery plans will reduce operational risk in case of system crashes.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Linux
- Date Reserved
- 2024-07-30T07:40:12.256Z
- Cisa Enriched
- true
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 682d9828c4522896dcbe1cff
Added to database: 5/21/2025, 9:08:56 AM
Last enriched: 6/29/2025, 6:25:01 AM
Last updated: 8/13/2025, 7:51:37 AM
Views: 11
Related Threats
CVE-2025-9025: SQL Injection in code-projects Simple Cafe Ordering System
MediumCVE-2025-9024: SQL Injection in PHPGurukul Beauty Parlour Management System
MediumCVE-2025-9023: Buffer Overflow in Tenda AC7
HighCVE-2025-8905: CWE-94 Improper Control of Generation of Code ('Code Injection') in inpersttion Inpersttion For Theme
MediumCVE-2025-8720: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in morehawes Plugin README Parser
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.