CVE-2024-26742
📋 TL;DR
A bug in the Linux kernel's smartpqi SCSI driver causes a kernel warning and potential undefined behavior when the disable_managed_interrupts module parameter is enabled. This affects systems using the smartpqi driver with specific interrupt affinity settings, potentially causing system instability or crashes.
💻 Affected Systems
- Linux kernel smartpqi SCSI driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic or system crash leading to denial of service and potential data corruption.
Likely Case
Kernel warning messages in logs and driver initialization failure, preventing storage device access.
If Mitigated
Minor performance impact from using default interrupt settings instead of custom affinity.
🎯 Exploit Status
Exploitation requires root/privileged access to load kernel modules with specific parameters
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing commits: 3c31b18a8dd8b7bf36af1cd723d455853b8f94fe, 4f5b15c15e6016efb3e14582d02cc4ddf57227df, 5761eb9761d2d5fe8248a9b719efc4d8baf1f24a, b9433b25cb06c415c9cb24782599649a406c8d6d
Vendor Advisory: https://git.kernel.org/stable/c/3c31b18a8dd8b7bf36af1cd723d455853b8f94fe
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version. 2. Reboot system. 3. Verify smartpqi module loads without errors.
🔧 Temporary Workarounds
Avoid disable_managed_interrupts parameter
linuxDo not use disable_managed_interrupts=1 when loading smartpqi module
Remove 'disable_managed_interrupts=1' from /etc/modprobe.d/smartpqi.conf or kernel command line
🧯 If You Can't Patch
- Ensure smartpqi module loads without disable_managed_interrupts parameter
- Monitor system logs for smartpqi driver warnings and errors
🔍 How to Verify
Check if Vulnerable:
Check if smartpqi module is loaded with disable_managed_interrupts: cat /proc/cmdline | grep disable_managed_interrupts && lsmod | grep smartpqiCheck Version:
uname -rVerify Fix Applied:
Check kernel version includes fix commits and smartpqi module loads without warnings📡 Detection & Monitoring
Log Indicators:
- Kernel warnings mentioning blk_mq_pci_map_queues
- smartpqi driver initialization errors
- Stack traces in dmesg
Network Indicators:
- None - this is a local driver issue
SIEM Query:
source="kernel" AND ("blk_mq_pci_map_queues" OR "smartpqi" WARNING)🔗 References
- https://git.kernel.org/stable/c/3c31b18a8dd8b7bf36af1cd723d455853b8f94fe
- https://git.kernel.org/stable/c/4f5b15c15e6016efb3e14582d02cc4ddf57227df
- https://git.kernel.org/stable/c/5761eb9761d2d5fe8248a9b719efc4d8baf1f24a
- https://git.kernel.org/stable/c/b9433b25cb06c415c9cb24782599649a406c8d6d
- https://git.kernel.org/stable/c/3c31b18a8dd8b7bf36af1cd723d455853b8f94fe
- https://git.kernel.org/stable/c/4f5b15c15e6016efb3e14582d02cc4ddf57227df
- https://git.kernel.org/stable/c/5761eb9761d2d5fe8248a9b719efc4d8baf1f24a
- https://git.kernel.org/stable/c/b9433b25cb06c415c9cb24782599649a406c8d6d
