CVE-2024-36945 in Linux
Summary
by MITRE • 05/30/2024
In the Linux kernel, the following vulnerability has been resolved:
net/smc: fix neighbour and rtable leak in smc_ib_find_route()
In smc_ib_find_route(), the neighbour found by neigh_lookup() and rtable resolved by ip_route_output_flow() are not released or put before return. It may cause the refcount leak, so fix it.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Analysis
by VulDB Data Team • 09/18/2025
The vulnerability identified as CVE-2024-36945 resides within the Linux kernel's SMC (Scalable Memory Communication) subsystem, specifically in the InfiniBand transport layer implementation. This issue affects the net/smc component where memory management practices during route resolution operations create persistent reference count leaks. The flaw manifests in the smc_ib_find_route() function which is responsible for establishing network routes for SMC connections over InfiniBand infrastructure. The vulnerability represents a classic memory leak scenario where kernel resources are not properly released, leading to gradual consumption of system memory over time.
The technical root cause of this vulnerability stems from improper resource management within the network routing code path. When the smc_ib_find_route() function executes, it calls neigh_lookup() to locate network neighbors and ip_route_output_flow() to resolve routing tables for establishing communication paths. Both of these operations return references to kernel objects that must be explicitly released using appropriate reference counting mechanisms. However, the function fails to properly release these resources before returning control flow to the calling code, resulting in reference count leaks that prevent kernel memory from being properly deallocated. This behavior directly violates proper kernel memory management protocols and creates persistent resource consumption.
The operational impact of this vulnerability extends beyond simple memory consumption, as it can lead to system instability and performance degradation over extended periods of operation. When reference count leaks accumulate, they can eventually exhaust available memory resources, potentially causing system slowdowns, memory pressure, or even system crashes in severe cases. The vulnerability affects systems running Linux kernels with SMC support, particularly those utilizing InfiniBand networking infrastructure for high-performance computing applications. Attackers could potentially exploit this vulnerability to cause denial of service conditions by repeatedly triggering the affected code path, leading to progressive system resource exhaustion.
This vulnerability maps to CWE-404, which specifically addresses improper resource management where allocated resources are not properly released, and aligns with ATT&CK technique T1499.004 for resource exhaustion attacks. The flaw represents a failure in kernel memory management practices that can be leveraged to create sustained resource exhaustion conditions. Mitigation strategies should focus on applying the kernel patch that properly releases the neighbor and routing table references before function return. System administrators should prioritize updating affected kernel versions and monitoring memory usage patterns for signs of resource leak accumulation. Additionally, implementing memory monitoring tools and setting up automated alerts for unusual memory consumption patterns can help detect exploitation attempts. The fix requires careful attention to reference counting semantics within the kernel networking subsystem to ensure proper resource lifecycle management.