CVE-2024-27061

7.8 HIGH

📋 TL;DR

This is a use-after-free vulnerability in the Linux kernel's sun8i-ce cryptographic driver that can cause kernel crashes or potential privilege escalation. It affects systems using Allwinner SoCs with the sun8i-ce cryptographic engine enabled. The vulnerability occurs when client callbacks free memory that the driver still tries to access during cleanup operations.

💻 Affected Systems

Products:
  • Linux kernel with sun8i-ce driver
Versions: Linux kernel versions before the fix commits (specific versions vary by distribution)
Operating Systems: Linux distributions running on Allwinner SoCs with sun8i-ce hardware
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with Allwinner SoCs that use the sun8i-ce cryptographic engine. The driver must be loaded and in use.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel panic leading to system crash, or potential privilege escalation if an attacker can control the freed memory region and execute arbitrary code in kernel context.

🟠 Likely Case: System instability, kernel crashes, or denial of service when cryptographic operations are performed on affected hardware.

🟢 If Mitigated: No impact if the sun8i-ce driver is not loaded or the hardware is not present.

🌐 Internet-Facing: LOW - Requires local access or ability to trigger cryptographic operations on the affected driver.
🏢 Internal Only: MEDIUM - Local users or processes could trigger the vulnerability, potentially causing system instability or privilege escalation.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires triggering cryptographic operations through the vulnerable driver. The vulnerability was discovered through kernel selftests and KASAN reports.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in Linux kernel commits: 183420038444547c149a0fc5f58e792c2752860c, 51a7d338c212e0640b1aca52ba6590d5bea49879, dc60b25540c82fc4baa95d1458ae96ead21859e0

Vendor Advisory: https://git.kernel.org/stable/c/183420038444547c149a0fc5f58e792c2752860c

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits.
2. Check with your distribution for specific patched kernel versions.
3. Reboot the system after kernel update.

🔧 Temporary Workarounds

Disable sun8i-ce driver

Prevent loading of the vulnerable driver module

echo 'blacklist sun8i-ce' >> /etc/modprobe.d/blacklist.conf
rmmod sun8i-ce

Disable cryptographic selftests

Prevent triggering the vulnerability through kernel selftests

echo 0 > /proc/sys/crypto/fips_enabled

🧯 If You Can't Patch

  • Restrict access to cryptographic operations to trusted users only
  • Monitor system logs for kernel panic or KASAN reports related to sun8i-ce driver

🔍 How to Verify

Check if Vulnerable:

Check if sun8i-ce driver is loaded: lsmod | grep sun8i_ce. Check kernel version against patched versions.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits. Test cryptographic operations on affected hardware without crashes.
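
The loaded-driver check and the blacklist workaround above can be combined into one exposure check. This is an added example, not part of the advisory; the function names and the file paths passed as parameters are assumptions, and the demo input is constructed. It normalises `sun8i-ce` and `sun8i_ce` to the same name, since the workaround and `lsmod` spell the module differently.

```shell
#!/bin/sh
# Added example, not part of the advisory. Demo files below are constructed.

# norm NAME -> module name with '-' folded to '_' (kernel treats them alike)
norm() { printf '%s' "$1" | sed 's/-/_/g'; }

# module_loaded MODULE [PROC_MODULES] -> exit 0 if listed as loaded
module_loaded() {
    want=$(norm "$1")
    awk -v want="$want" '$1 == want { found = 1 } END { exit !found }' \
        "${2:-/proc/modules}"
}

# module_blacklisted MODULE [MODPROBE_DIR] -> exit 0 if a blacklist line exists
module_blacklisted() {
    want=$(norm "$1")
    for f in "${2:-/etc/modprobe.d}"/*.conf; do
        [ -f "$f" ] || continue
        awk -v want="$want" '
            $1 == "blacklist" { m = $2; gsub(/-/, "_", m); if (m == want) found = 1 }
            END { exit !found }' "$f" && return 0
    done
    return 1
}

# exposure_state MODULE [PROC_MODULES] [MODPROBE_DIR]
# "loaded" wins over "blacklisted": a blacklist entry does not unload a
# module that is already running, which is why the workaround also uses rmmod.
exposure_state() {
    if module_loaded "$1" "${2:-/proc/modules}"; then echo loaded
    elif module_blacklisted "$1" "${3:-/etc/modprobe.d}"; then echo blacklisted
    else echo not-loaded
    fi
}

# Demo on constructed files (not read from the live system).
demo=$(mktemp -d)
mkdir "$demo/modprobe.d"
printf 'sun8i_ce 32768 0 - Live 0x0000000000000000\n' > "$demo/modules"
printf 'blacklist sun8i-ce\n' > "$demo/modprobe.d/blacklist.conf"
exposure_state sun8i-ce "$demo/modules" "$demo/modprobe.d"
: > "$demo/modules"
exposure_state sun8i-ce "$demo/modules" "$demo/modprobe.d"
rm -rf "$demo"
```

A `not-loaded` result only covers loadable modules: a driver built into the kernel image never appears in the module list, so the kernel version check still applies.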

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages mentioning sun8i_ce_cipher
  • KASAN reports of use-after-free in sun8i_ce module
  • Cryptographic operation failures

SIEM Query:

source="kernel" AND ("sun8i_ce" OR "KASAN: slab-use-after-free" OR "Unable to handle kernel NULL pointer")
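
The query above ORs its terms, so it also matches KASAN reports from unrelated drivers and benign sun8i_ce lines. The following added example (not part of the advisory) counts only crash reports that mention sun8i_ce within the report itself; the function names, the 30-line window and the sample log lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the advisory. The log lines below are constructed.

# triage_log FILE -> prints "crash_reports=N sun8i_ce_reports=M"
# A crash header opens a window of `span` lines; the report is attributed to
# the driver only if sun8i_ce appears inside that window (header included).
triage_log() {
    awk -v span=30 '
        /KASAN: slab-use-after-free|Unable to handle kernel NULL pointer/ {
            reports++; left = span; counted = 0
        }
        left > 0 {
            if (/sun8i_ce/ && !counted) { hits++; counted = 1 }
            left--
        }
        END { printf "crash_reports=%d sun8i_ce_reports=%d\n", reports, hits }
    ' "$1"
}

# write_sample_log FILE -> constructed kernel log with one driver-related oops,
# one unrelated KASAN report, and one benign sun8i_ce line.
write_sample_log() {
    cat > "$1" <<'EOF'
[   12.100000] sun8i_ce: constructed benign line outside any crash report
[   31.400001] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000
[   31.400050] pc : sun8i_ce_cipher_example_fn+0x20/0x1a0
[   31.400090] Call trace:
[   31.400120]  sun8i_ce_cipher_example_fn+0x20/0x1a0
[   90.000000] BUG: KASAN: slab-use-after-free in other_driver_fn+0x10/0x40
[   90.000040]  other_driver_fn+0x10/0x40
EOF
}

# Demo: two crash reports in the sample, only one attributable to the driver.
sample=$(mktemp)
write_sample_log "$sample"
triage_log "$sample"
rm -f "$sample"
```

On a live system the input would be a saved copy of the kernel log, for example the output of `dmesg` or `journalctl -k` redirected to a file.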
