CVE-2024-26999
📋 TL;DR
A race condition in the Linux kernel's pmac_zilog serial driver can cause a kernel panic or system crash when used as a serial console. This affects Linux systems using PowerPC architecture with the vulnerable driver loaded, particularly older Apple Power Macintosh hardware or QEMU emulation.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
System crash or kernel panic leading to denial of service, potentially requiring physical access to reboot affected systems.
Likely Case
System instability or crash when the serial console receives high interrupt rates, causing denial of service.
If Mitigated
Minimal impact if system doesn't use pmac_zilog driver or serial console functionality.
🎯 Exploit Status
Requires local access and ability to generate high interrupt rates on serial port, or specific QEMU configurations.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing commits 1be3226445362bfbf461c92a5bcdb1723f2e4907 or later
Vendor Advisory: https://git.kernel.org/stable/c/1be3226445362bfbf461c92a5bcdb1723f2e4907
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commit. 2. For distributions: Use package manager (apt/yum/dnf) to update kernel package. 3. Reboot system to load new kernel.
🔧 Temporary Workarounds
Disable pmac_zilog driver
linuxPrevent loading of vulnerable driver if not needed
echo 'blacklist pmac_zilog' >> /etc/modprobe.d/blacklist.conf
update-initramfs -u
Avoid serial console usage
linuxConfigure system to not use serial console if possible
Remove 'console=ttyPZ0' or similar from kernel command line in /boot/grub/grub.cfg or /etc/default/grub
🧯 If You Can't Patch
- Ensure system does not use serial console functionality
- Monitor system logs for 'pmz: rx irq flood' messages and investigate any serial port issues
🔍 How to Verify
Check if Vulnerable:
Check if pmac_zilog module is loaded: lsmod | grep pmac_zilog AND check kernel version against patched versionsCheck Version:
uname -rVerify Fix Applied:
Verify kernel version includes fix commit: grep -q '1be3226445362bfbf461c92a5bcdb1723f2e4907' /proc/version_signature (if available) OR check distribution kernel changelog📡 Detection & Monitoring
Log Indicators:
- Kernel messages containing 'pmz: rx irq flood'
- Kernel panic or BUG splat messages related to spinlock recursion
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("pmz: rx irq flood" OR "spinlock recursion" AND "pmz")🔗 References
- https://git.kernel.org/stable/c/1be3226445362bfbf461c92a5bcdb1723f2e4907
- https://git.kernel.org/stable/c/52aaf1ff14622a04148dbb9ccce6d9de5d534ea7
- https://git.kernel.org/stable/c/69a02273e288011b521ee7c1f3ab2c23fda633ce
- https://git.kernel.org/stable/c/7a3bbe41efa55323b6ea3c35fa15941d4dbecdef
- https://git.kernel.org/stable/c/ab86cf6f8d24e63e9aca23da5108af1aa5483928
- https://git.kernel.org/stable/c/bbaafbb4651fede8d3c3881601ecaa4f834f9d3f
- https://git.kernel.org/stable/c/ca09dfc3cfdf89e6af3ac24e1c6c0be5c575a729
- https://git.kernel.org/stable/c/d679c816929d62af51c8e6d7fc0e165c9412d2f3
- https://git.kernel.org/stable/c/1be3226445362bfbf461c92a5bcdb1723f2e4907
- https://git.kernel.org/stable/c/52aaf1ff14622a04148dbb9ccce6d9de5d534ea7
- https://git.kernel.org/stable/c/69a02273e288011b521ee7c1f3ab2c23fda633ce
- https://git.kernel.org/stable/c/7a3bbe41efa55323b6ea3c35fa15941d4dbecdef
- https://git.kernel.org/stable/c/ab86cf6f8d24e63e9aca23da5108af1aa5483928
- https://git.kernel.org/stable/c/bbaafbb4651fede8d3c3881601ecaa4f834f9d3f
- https://git.kernel.org/stable/c/ca09dfc3cfdf89e6af3ac24e1c6c0be5c575a729
- https://git.kernel.org/stable/c/d679c816929d62af51c8e6d7fc0e165c9412d2f3
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EZ6PJW7VOZ224TD7N4JZNU6KV32ZJ53/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAMSOZXJEPUOXW33WZYWCVAY7Z5S7OOY/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCBZZEC7L7KTWWAS2NLJK6SO3IZIL4WW/
