CVE-2024-27051
📋 TL;DR
This CVE addresses a NULL pointer dereference vulnerability in the Linux kernel's cpufreq driver for Broadcom STB AVS processors. If exploited, it could cause a kernel panic leading to denial of service. Systems using affected Broadcom STB hardware with vulnerable kernel versions are impacted.
💻 Affected Systems
- Linux kernel with brcmstb-avs-cpufreq driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially requiring physical reboot of affected devices.
Likely Case
System instability or crash when cpufreq operations are performed on affected hardware, resulting in temporary service disruption.
If Mitigated
Minor system instability that may be automatically recovered by kernel protections if available.
🎯 Exploit Status
Requires ability to trigger cpufreq operations on affected hardware, typically through local access or specific system calls.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing the fix commits (74b84d0d7118, 9127599c075c, b25b64a241d7, d951cf510fb0, e6e3e51ffba0)
Vendor Advisory: https://git.kernel.org/stable/c/74b84d0d71180330efe67c82f973a87f828323e5
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commits. 2. Reboot system to load patched kernel. 3. Verify driver functionality post-update.
🔧 Temporary Workarounds
Disable affected cpufreq driver
linuxPrevent loading of brcmstb-avs-cpufreq driver to avoid vulnerability
echo 'blacklist brcmstb-avs-cpufreq' >> /etc/modprobe.d/blacklist.conf
update-initramfs -u
reboot
🧯 If You Can't Patch
- Restrict local user access to systems with affected hardware
- Monitor system logs for kernel panic events related to cpufreq operations
🔍 How to Verify
Check if Vulnerable:
Check if brcmstb-avs-cpufreq driver is loaded: lsmod | grep brcmstb-avs-cpufreqCheck Version:
uname -rVerify Fix Applied:
Check kernel version against patched versions from git commits, or verify driver loads without errors in dmesg📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages in /var/log/kern.log or dmesg
- NULL pointer dereference errors related to cpufreq
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("NULL pointer dereference" OR "kernel panic") AND "cpufreq"🔗 References
- https://git.kernel.org/stable/c/74b84d0d71180330efe67c82f973a87f828323e5
- https://git.kernel.org/stable/c/9127599c075caff234359950117018a010dd01db
- https://git.kernel.org/stable/c/b25b64a241d769e932a022e5c780cf135ef56035
- https://git.kernel.org/stable/c/d951cf510fb0df91d3abac0121a59ebbc63c0567
- https://git.kernel.org/stable/c/e6e3e51ffba0784782b1a076d7441605697ea3c6
- https://git.kernel.org/stable/c/e72160cb6e23b78b41999d6885a34ce8db536095
- https://git.kernel.org/stable/c/f661017e6d326ee187db24194cabb013d81bc2a6
- https://git.kernel.org/stable/c/74b84d0d71180330efe67c82f973a87f828323e5
- https://git.kernel.org/stable/c/9127599c075caff234359950117018a010dd01db
- https://git.kernel.org/stable/c/b25b64a241d769e932a022e5c780cf135ef56035
- https://git.kernel.org/stable/c/d951cf510fb0df91d3abac0121a59ebbc63c0567
- https://git.kernel.org/stable/c/e6e3e51ffba0784782b1a076d7441605697ea3c6
- https://git.kernel.org/stable/c/e72160cb6e23b78b41999d6885a34ce8db536095
- https://git.kernel.org/stable/c/f661017e6d326ee187db24194cabb013d81bc2a6
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
