CVE-2024-47693: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

IB/core: Fix ib_cache_setup_one error flow cleanup

When ib_cache_update return an error, we exit ib_cache_setup_one instantly with no proper cleanup, even though before this we had already successfully done gid_table_setup_one, that results in the kernel WARN below.

Do proper cleanup using gid_table_cleanup_one before returning the err in order to fix the issue.

WARNING: CPU: 4 PID: 922 at drivers/infiniband/core/cache.c:806 gid_table_release_one+0x181/0x1a0
Modules linked in:
CPU: 4 UID: 0 PID: 922 Comm: c_repro Not tainted 6.11.0-rc1+ #3
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014
RIP: 0010:gid_table_release_one+0x181/0x1a0
Code: 44 8b 38 75 0c e8 2f cb 34 ff 4d 8b b5 28 05 00 00 e8 23 cb 34 ff 44 89 f9 89 da 4c 89 f6 48 c7 c7 d0 58 14 83 e8 4f de 21 ff <0f> 0b 4c 8b 75 30 e9 54 ff ff ff 48 8 3 c4 10 5b 5d 41 5c 41 5d 41
RSP: 0018:ffffc90002b835b0 EFLAGS: 00010286
RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff811c8527
RDX: 0000000000000000 RSI: ffffffff811c8534 RDI: 0000000000000001
RBP: ffff8881011b3d00 R08: ffff88810b3abe00 R09: 205d303839303631
R10: 666572207972746e R11: 72746e6520444947 R12: 0000000000000001
R13: ffff888106390000 R14: ffff8881011f2110 R15: 0000000000000001
FS: 00007fecc3b70800(0000) GS:ffff88813bd00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020000340 CR3: 000000010435a001 CR4: 00000000003706b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 ? show_regs+0x94/0xa0
 ? __warn+0x9e/0x1c0
 ? gid_table_release_one+0x181/0x1a0
 ? report_bug+0x1f9/0x340
 ? gid_table_release_one+0x181/0x1a0
 ? handle_bug+0xa2/0x110
 ? exc_invalid_op+0x31/0xa0
 ? asm_exc_invalid_op+0x16/0x20
 ? __warn_printk+0xc7/0x180
 ? __warn_printk+0xd4/0x180
 ? gid_table_release_one+0x181/0x1a0
 ib_device_release+0x71/0xe0
 ? __pfx_ib_device_release+0x10/0x10
 device_release+0x44/0xd0
 kobject_put+0x135/0x3d0
 put_device+0x20/0x30
 rxe_net_add+0x7d/0xa0
 rxe_newlink+0xd7/0x190
 nldev_newlink+0x1b0/0x2a0
 ? __pfx_nldev_newlink+0x10/0x10
 rdma_nl_rcv_msg+0x1ad/0x2e0
 rdma_nl_rcv_skb.constprop.0+0x176/0x210
 netlink_unicast+0x2de/0x400
 netlink_sendmsg+0x306/0x660
 __sock_sendmsg+0x110/0x120
 ____sys_sendmsg+0x30e/0x390
 ___sys_sendmsg+0x9b/0xf0
 ? kstrtouint+0x6e/0xa0
 ? kstrtouint_from_user+0x7c/0xb0
 ? get_pid_task+0xb0/0xd0
 ? proc_fail_nth_write+0x5b/0x140
 ? __fget_light+0x9a/0x200
 ? preempt_count_add+0x47/0xa0
 __sys_sendmsg+0x61/0xd0
 do_syscall_64+0x50/0x110
 entry_SYSCALL_64_after_hwframe+0x76/0x7e
AI Analysis
Technical Summary
CVE-2024-47693 is a vulnerability in the InfiniBand (IB) core subsystem of the Linux kernel. The issue arises in the error handling path of the function ib_cache_setup_one. When ib_cache_update returns an error, the affected code exits ib_cache_setup_one immediately without performing proper cleanup. Before this error return, the function has already successfully executed gid_table_setup_one, which allocates or initializes resources related to the gid_table. Because of the premature exit, the corresponding cleanup function gid_table_cleanup_one is not called, leading to resource leaks and kernel warnings. This improper cleanup can cause kernel instability, as evidenced by the kernel WARN message and the call trace involving gid_table_release_one. The vulnerability is rooted in a logic flaw in error flow management, which can lead to inconsistent kernel state and potential denial of service (DoS) conditions due to resource exhaustion or kernel panics. The issue affects multiple versions of the Linux kernel, including release candidates such as 6.11.0-rc1 and others identified by specific commit hashes. The vulnerability does not currently have a CVSS score and there are no known exploits in the wild. The fix ensures that gid_table_cleanup_one is called before the error is returned, thereby maintaining kernel stability and preventing resource leaks.
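A simplified userspace C model of the error flow described above, added here as an illustration and not the kernel's code: the model_* names, the single default entry and the injected -ENOMEM are assumptions. The setup step succeeds, the update step fails, and the release path reports what was left behind with and without the cleanup call.

```c
/* Userspace model of the error flow; all names here are hypothetical. */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

struct model_dev {
    int *gid_table;    /* allocated by the table setup step */
    int live_entries;  /* entries still installed in the table */
};

static int model_table_setup(struct model_dev *d) {
    d->gid_table = calloc(4, sizeof(*d->gid_table));
    if (!d->gid_table) return -ENOMEM;
    d->live_entries = 1;  /* assumption: setup installs one default entry */
    return 0;
}
static void model_table_cleanup(struct model_dev *d) {
    d->live_entries = 0;  /* undo what setup installed */
}

/* Release path: returns how many entries were still live (warns if > 0). */
static int model_table_release(struct model_dev *d) {
    int leaked = d->live_entries;
    if (leaked)
        fprintf(stderr, "WARN: %d entry still live at release\n", leaked);
    free(d->gid_table);
    return leaked;
}

/* update_err stands in for the result of the failing cache update. */
static int model_cache_setup(struct model_dev *d, int update_err, int with_fix) {
    int err = model_table_setup(d);
    if (err) return err;
    if (update_err && with_fix)
        model_table_cleanup(d);  /* clean up before returning the error */
    return update_err;
}

/* Failed setup followed by device release, as in the call trace. */
static int leaked_after_failed_setup(int with_fix) {
    struct model_dev d = {0};
    if (model_cache_setup(&d, -ENOMEM, with_fix) == 0)
        return -1;  /* not reached: the update error is always injected */
    return model_table_release(&d);
}

int main(void) {
    printf("no cleanup: %d leaked, with cleanup: %d leaked\n",
           leaked_after_failed_setup(0), leaked_after_failed_setup(1));
    return 0;
}
```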
Potential Impact
For European organizations, the impact of CVE-2024-47693 primarily concerns systems running Linux kernels with InfiniBand support enabled. InfiniBand is commonly used in high-performance computing (HPC) environments, data centers, and enterprise-grade servers for low-latency, high-throughput networking. Organizations relying on HPC clusters, scientific research facilities, financial institutions with latency-sensitive trading platforms, and cloud providers using InfiniBand for backend connectivity could experience kernel instability or denial of service if this vulnerability is triggered. While the vulnerability does not directly allow privilege escalation or remote code execution, the resulting kernel warnings and potential crashes could disrupt critical services, leading to downtime and operational impact. Given the widespread use of Linux in European data centers and research institutions, the vulnerability could affect availability and reliability of critical infrastructure. However, the absence of known exploits and the requirement for specific kernel configurations limit the immediate risk. Nonetheless, unpatched systems remain vulnerable to accidental or malicious triggering of the bug, which could be leveraged in targeted attacks to degrade service availability.
Mitigation Recommendations
European organizations should prioritize applying the official Linux kernel patches that address this error handling flaw in the InfiniBand core subsystem. Specifically, ensure that the kernel version in use includes the fix that calls gid_table_cleanup_one properly during error returns in ib_cache_setup_one. For environments where immediate patching is not feasible, consider disabling InfiniBand support if it is not required, to mitigate exposure. Additionally, implement kernel crash monitoring and alerting to detect any WARN messages or instability related to gid_table_release_one. Regularly audit kernel logs for signs of this issue. For HPC and data center environments, coordinate with hardware vendors and Linux distribution maintainers to obtain timely updates. Employ robust system hardening and access controls to limit the ability of unprivileged users to trigger kernel operations that may expose the vulnerability. Finally, maintain comprehensive backup and recovery procedures to minimize downtime in case of kernel crashes.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Switzerland, Italy
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-09-30T16:00:12.942Z
- Cisa Enriched: true
- Cvss Version: null
- State: PUBLISHED
Threat ID: 682d9820c4522896dcbdce4b
Added to database: 5/21/2025, 9:08:48 AM
Last enriched: 6/27/2025, 9:27:18 PM
Last updated: 8/11/2025, 7:26:10 PM