CVE-2024-27000

7.8 HIGH

📋 TL;DR

A race condition vulnerability in the Linux kernel's mxs-auart serial driver allows local attackers to cause a kernel panic (denial of service) by triggering concurrent CTS state changes without proper locking. This affects systems using Freescale i.MX28 hardware with Bluetooth drivers loaded. The vulnerability requires local access to exploit.

💻 Affected Systems

Products:
  • Linux kernel with mxs-auart serial driver
Versions: Linux kernel versions up to 6.6.3, specifically commits before the fix
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires Freescale i.MX28 hardware with Bluetooth driver (hci_uart) loaded. The vulnerability manifests when CTS state changes occur concurrently without proper spinlock protection.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel panic leading to system crash and denial of service, potentially disrupting critical operations on affected embedded devices.

🟠 Likely Case: System instability or crashes when Bluetooth hardware is active on vulnerable i.MX28 systems, requiring manual reboot.

🟢 If Mitigated: Minimal impact with proper access controls preventing local user exploitation.

🌐 Internet-Facing: LOW - Requires local access to exploit, not remotely exploitable.
🏢 Internal Only: MEDIUM - Local users or processes could trigger crashes on affected systems, potentially disrupting services.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access and ability to trigger concurrent CTS state changes. The kernel warning indicates race condition timing is needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Linux kernel containing commit 0dc0637e6b16158af85945425821bfd0151adb37 or later

Vendor Advisory: https://git.kernel.org/stable/c/0dc0637e6b16158af85945425821bfd0151adb37

Restart Required: Yes

Instructions:

1. Update the Linux kernel to a version containing the fix commit.
2. For embedded systems: rebuild the kernel with the patched mxs-auart driver.
3. Reboot the system to load the new kernel.

🔧 Temporary Workarounds

Disable Bluetooth driver

Prevent loading of hci_uart Bluetooth driver to avoid triggering the race condition

echo 'blacklist hci_uart' >> /etc/modprobe.d/blacklist.conf
rmmod hci_uart

Disable mxs-auart serial port

Disable the affected serial port if not required for system operation

echo 0 > /sys/class/tty/ttyAPP0/active

🧯 If You Can't Patch

  • Restrict local user access to prevent exploitation by untrusted users
  • Monitor system logs for kernel warnings related to uart_handle_cts_change and restart affected services

🔍 How to Verify

Check if Vulnerable:

Check the kernel version and whether the mxs-auart driver is loaded as a module (a driver built into the kernel does not appear in lsmod output): uname -r && lsmod | grep mxs_auart

Check Version:

uname -r

Verify Fix Applied:

Verify that the kernel source tree includes the fix commit: git log --oneline | grep -i 'mxs-auart.*spinlock.*cts', or check that the kernel version is newer than 6.6.3 with patches

📡 Detection & Monitoring

Log Indicators:

  • Kernel warnings containing 'uart_handle_cts_change'
  • System crashes or panics when Bluetooth is enabled on i.MX28 hardware
  • WARNING messages in dmesg about serial_core.c:3453

Network Indicators:

  • None - local vulnerability only

SIEM Query:

source="kernel" AND ("uart_handle_cts_change" OR "mxs_auart_irq_handle") AND WARNING
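
The log indicators above, applied as a scan over kernel log text. This is an added example, not part of the original advisory or of the kernel project; the sample lines are constructed with zeroed offsets, and example_uart_irq is a hypothetical handler name used to show a splat that does not involve mxs-auart.

```shell
#!/bin/sh
# Added example: scan kernel log text for the WARNING named in the log indicators.
# Reads log lines on stdin and prints "warnings=N mxs_auart=M", where N counts
# WARNING splats in uart_handle_cts_change and M counts those whose call trace
# passes through mxs_auart_irq_handle (the driver this CVE concerns).
scan_cts_race() {
    awk '
        # A splat begins at the WARNING header that names the function.
        /WARNING:/ && /uart_handle_cts_change/ {
            warn++; in_splat = 1; seen = 0; next
        }
        # Within the splat, count the mxs-auart IRQ handler once.
        in_splat && !seen && /mxs_auart_irq_handle/ { mxs++; seen = 1 }
        # The kernel ends each splat with an "end trace" marker.
        /---\[ end trace/ { in_splat = 0 }
        END { printf "warnings=%d mxs_auart=%d\n", warn, mxs }
    '
}

# Constructed sample input (not captured from a real system): one splat that
# goes through mxs_auart_irq_handle, one unrelated line, and one splat from a
# hypothetical other driver that must not be attributed to mxs-auart.
sample_log() {
    cat <<'EOF'
[  100.000000] ------------[ cut here ]------------
[  100.000001] WARNING: CPU: 0 PID: 0 at drivers/tty/serial/serial_core.c:3453 uart_handle_cts_change+0x0/0x0
[  100.000002] Call trace:
[  100.000003]  uart_handle_cts_change from mxs_auart_irq_handle+0x0/0x0
[  100.000004]  mxs_auart_irq_handle from __handle_irq_event_percpu+0x0/0x0
[  100.000005] ---[ end trace 0000000000000000 ]---
[  200.000000] Bluetooth: HCI UART driver ver 2.3
[  300.000001] WARNING: CPU: 0 PID: 0 at drivers/tty/serial/serial_core.c:3453 uart_handle_cts_change+0x0/0x0
[  300.000002]  uart_handle_cts_change from example_uart_irq+0x0/0x0
[  300.000003] ---[ end trace 0000000000000000 ]---
EOF
}

sample_log | scan_cts_race   # prints: warnings=2 mxs_auart=1
# Live use: dmesg | scan_cts_race   (or: journalctl -k | scan_cts_race)
```

A non-zero mxs_auart count on an i.MX28 system is the signal to prioritise the kernel update; warnings that do not pass through mxs_auart_irq_handle point at a different driver.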
