CVE-2024-26941
📋 TL;DR
A divide-by-zero vulnerability in the Linux kernel's DisplayPort Multi-Stream Transport (MST) handling causes kernel panics when unplugging certain MST hubs with the nouveau graphics driver. This leads to denial of service on affected systems. Users with Linux systems using nouveau driver and specific DisplayPort MST hubs are affected.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially causing data loss or service disruption.
Likely Case
System crash when unplugging specific DisplayPort MST hubs, requiring reboot to restore functionality.
If Mitigated
No impact if patched or using unaffected hardware/driver combinations.
🎯 Exploit Status
Exploitation requires physical access to unplug specific DisplayPort MST hardware. Not remotely exploitable.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Linux kernel with commit 828862071a6ca0c52655e6e62ac7abfef3e5c578 or 9cbd1dae842737bfafa4b10a87909fa209dde250
Vendor Advisory: https://git.kernel.org/stable/c/828862071a6ca0c52655e6e62ac7abfef3e5c578
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix. 2. Reboot system to load new kernel. 3. For distributions: Use package manager (apt/yum/dnf) to update kernel package.
🔧 Temporary Workarounds
Avoid specific MST hardware
linuxDo not use StarTech MSTDP122DP DisplayPort 1.2 MST hubs with nouveau driver.
Use alternative graphics driver
linuxSwitch from nouveau to proprietary NVIDIA driver if available for your hardware.
🧯 If You Can't Patch
- Restrict physical access to DisplayPort ports to prevent unauthorized hardware disconnection.
- Educate users not to unplug DisplayPort MST hubs while system is running.
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if using nouveau driver with affected MST hardware. Look for kernel crash logs with 'divide error' in drm_dp_bw_overhead function.Check Version:
uname -rVerify Fix Applied:
Check kernel version includes fix commits: 828862071a6ca0c52655e6e62ac7abfef3e5c578 or 9cbd1dae842737bfafa4b10a87909fa209dde250.📡 Detection & Monitoring
Log Indicators:
- Kernel panic logs with 'divide error'
- Stack trace showing drm_dp_bw_overhead function
- Xorg crash logs when unplugging DisplayPort devices
SIEM Query:
Search for kernel logs containing 'divide error' AND 'drm_dp_bw_overhead' OR 'nouveau' in crash context.