CVE-2024-35789
📋 TL;DR
This CVE describes a use-after-free vulnerability in the Linux kernel's WiFi subsystem (mac80211). When a station is moved out of a VLAN and the VLAN is deleted, the fast_rx entry retains a pointer to the freed VLAN network device, potentially causing kernel crashes or code execution. This affects Linux systems using the mac80211 WiFi stack with VLAN configurations.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash, or potential arbitrary code execution with kernel privileges resulting in complete system compromise.
Likely Case
System instability, kernel crashes, or denial of service affecting WiFi connectivity on affected systems.
If Mitigated
Minimal impact if VLAN features are not used or systems are properly patched.
🎯 Exploit Status
Exploitation requires local network access and ability to manipulate VLAN configurations. The vulnerability is in kernel memory management.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patches available in stable kernel trees via the provided git commits
Vendor Advisory: https://git.kernel.org/stable/c/2884a50f52313a7a911de3afcad065ddbb3d78fc
Restart Required: Yes
Instructions:
1. Update Linux kernel to a version containing the fix. 2. Check your distribution's security advisories for specific patched versions. 3. Reboot system after kernel update.
🔧 Temporary Workarounds
Disable VLAN features
linuxAvoid using VLAN configurations for WiFi stations if not required
Restrict VLAN management
allLimit VLAN configuration changes to trusted administrators only
🧯 If You Can't Patch
- Implement strict access controls for VLAN configuration management
- Monitor systems for kernel panics or unusual WiFi subsystem behavior
🔍 How to Verify
Check if Vulnerable:
Check kernel version and compare with distribution's security advisories. Vulnerable if using unpatched kernel with mac80211 VLAN support.Check Version:
uname -rVerify Fix Applied:
Verify kernel version includes one of the fix commits: 2884a50f52313a7a911de3afcad065ddbb3d78fc or other listed commits.📡 Detection & Monitoring
Log Indicators:
- Kernel panic logs
- mac80211 subsystem errors
- VLAN configuration change logs
Network Indicators:
- Unexpected WiFi disconnections
- VLAN configuration anomalies
SIEM Query:
Search for kernel panic events or mac80211 subsystem errors in system logs🔗 References
- https://git.kernel.org/stable/c/2884a50f52313a7a911de3afcad065ddbb3d78fc
- https://git.kernel.org/stable/c/4f2bdb3c5e3189297e156b3ff84b140423d64685
- https://git.kernel.org/stable/c/6b948b54c8bd620725e0c906e44b10c0b13087a7
- https://git.kernel.org/stable/c/7eeabcea79b67cc29563e6a9a5c81f9e2c664d5b
- https://git.kernel.org/stable/c/be1dd9254fc115321d6fbee042026d42afc8d931
- https://git.kernel.org/stable/c/c8bddbd91bc8e42c961a5e2cec20ab879f21100f
- https://git.kernel.org/stable/c/e8678551c0243f799b4859448781cbec1bd6f1cb
- https://git.kernel.org/stable/c/e8b067c4058c0121ac8ca71559df8e2e08ff1a7e
- https://git.kernel.org/stable/c/ea9a0cfc07a7d3601cc680718d9cff0d6927a921
- https://git.kernel.org/stable/c/2884a50f52313a7a911de3afcad065ddbb3d78fc
- https://git.kernel.org/stable/c/4f2bdb3c5e3189297e156b3ff84b140423d64685
- https://git.kernel.org/stable/c/6b948b54c8bd620725e0c906e44b10c0b13087a7
- https://git.kernel.org/stable/c/7eeabcea79b67cc29563e6a9a5c81f9e2c664d5b
- https://git.kernel.org/stable/c/be1dd9254fc115321d6fbee042026d42afc8d931
- https://git.kernel.org/stable/c/c8bddbd91bc8e42c961a5e2cec20ab879f21100f
- https://git.kernel.org/stable/c/e8678551c0243f799b4859448781cbec1bd6f1cb
- https://git.kernel.org/stable/c/e8b067c4058c0121ac8ca71559df8e2e08ff1a7e
- https://git.kernel.org/stable/c/ea9a0cfc07a7d3601cc680718d9cff0d6927a921
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
