Login Sign Up

CVE-2024-34777

7.1 HIGH
Denial of Service

📋 TL;DR

A memory corruption vulnerability in the Linux kernel's DMA mapping benchmark module allows local attackers to trigger a wild memory access via invalid node ID validation. This affects systems with the map_benchmark debugfs interface enabled, potentially leading to kernel crashes or privilege escalation. Only users with local access to the debugfs interface are affected.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Kernel versions before the fix commits (specific versions vary by distribution)
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable if CONFIG_DMA_API_DEBUG_SG is enabled and debugfs interface is accessible. Most production systems don't enable DMA debugging features.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local privilege escalation to kernel-level code execution leading to full system compromise.

🟠

Likely Case

Kernel panic or system crash causing denial of service.

🟢

If Mitigated

No impact if debugfs interface is disabled or access restricted.

🌐 Internet-Facing: LOW - Requires local access to debugfs interface.
🏢 Internal Only: MEDIUM - Local users could crash systems or potentially escalate privileges.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and ability to interact with debugfs interface. No public exploits known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 1ff05e723f7ca30644b8ec3fb093f16312e408ad and related stable backports

Vendor Advisory: https://git.kernel.org/stable/c/1ff05e723f7ca30644b8ec3fb093f16312e408ad

Restart Required: Yes

Instructions:

1. Update to patched kernel version from your distribution vendor. 2. Reboot system. 3. Verify kernel version after reboot.

🔧 Temporary Workarounds

Disable DMA debug interface

linux

Remove debugfs access to map_benchmark interface

rmmod map_benchmark
echo 'blacklist map_benchmark' > /etc/modprobe.d/disable-map-benchmark.conf

Restrict debugfs access

linux

Mount debugfs with restricted permissions

mount -t debugfs -o mode=0750,uid=0,gid=0 debugfs /sys/kernel/debug

🧯 If You Can't Patch

  • Disable CONFIG_DMA_API_DEBUG_SG kernel configuration option and rebuild kernel
  • Implement strict access controls to /sys/kernel/debug/dma directory

🔍 How to Verify

Check if Vulnerable:

Check if /sys/kernel/debug/dma/map_benchmark exists and kernel version is unpatched

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits or /sys/kernel/debug/dma/map_benchmark no longer accessible

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • KASAN reports for wild-memory-access in map_benchmark_ioctl
  • dma_map_benchma process crashes

Network Indicators:

  • None - local-only vulnerability

SIEM Query:

process.name:dma_map_benchma AND event.outcome:failure

📊 Metadata

CVE ID: CVE-2024-34777
CVSS v3 Score: 7.1 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE: CWE-125
Published: June 21, 2024
Last Updated: September 17, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-34777, you might also want to check these:

CVE-2021-41556 10.0

CVE-2021-41556 is a critical out-of-bounds read vulnerability in Squirrel scripting language that al...

Same vulnerability type (CWE-125)
CVE-2024-22004 10.0

This vulnerability allows attackers with privileged access on Linux non-secure operating systems to ...

Same vulnerability type (CWE-125)
CVE-2021-21777 10.0

CVE-2021-21777 is a critical out-of-bounds read vulnerability in the Ethernet/IP UDP handler of OpEN...

Same vulnerability type (CWE-125)