CVE-2024-35809
📋 TL;DR
A race condition in the Linux kernel's PCI power management subsystem allows a kernel crash due to an unhandled page fault when removing certain PCI drivers. This affects Linux systems using PCI devices with runtime-idle callbacks, particularly the rtsx_pcr driver. The vulnerability requires local access to trigger.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially causing data loss or service disruption.
Likely Case
System crash or kernel panic when removing specific PCI devices, resulting in temporary denial of service.
If Mitigated
No impact if systems are patched or don't use affected PCI drivers with runtime-idle callbacks.
🎯 Exploit Status
Exploitation requires local access and specific race condition timing during PCI driver removal operations.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Multiple stable kernel versions with commits 47d8aafcfe31, 6347348c6aba, 7cc94dd36e48, 900b81caf00c, 9a87375bb586
Vendor Advisory: https://git.kernel.org/stable/c/47d8aafcfe313511a98f165a54d0adceb34e54b1
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution's repositories. 2. Reboot system to load new kernel. 3. Verify kernel version matches patched release.
🔧 Temporary Workarounds
Disable runtime PM for affected drivers
linuxPrevent runtime power management for PCI devices using .runtime_idle() callbacks
echo 'on' > /sys/bus/pci/devices/[device]/power/control
Blacklist rtsx_pcr driver
linuxPrevent loading of the most commonly affected driver
echo 'blacklist rtsx_pcr' >> /etc/modprobe.d/blacklist.conf
🧯 If You Can't Patch
- Restrict local user access to systems with affected PCI hardware
- Avoid hot-removing PCI devices or driver unloading operations
🔍 How to Verify
Check if Vulnerable:
Check if system uses rtsx_pcr driver: lsmod | grep rtsx_pcrCheck Version:
uname -rVerify Fix Applied:
Check kernel version includes fix commits or is newer than patched versions📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- Page fault errors in dmesg
- PCI driver removal failures
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("page fault" OR "kernel panic" OR "rtsx_pcr")🔗 References
- https://git.kernel.org/stable/c/47d8aafcfe313511a98f165a54d0adceb34e54b1
- https://git.kernel.org/stable/c/6347348c6aba52dda0b33296684cbb627bdc6970
- https://git.kernel.org/stable/c/7cc94dd36e48879e76ae7a8daea4ff322b7d9674
- https://git.kernel.org/stable/c/900b81caf00c89417172afe0e7e49ac4eb110f4b
- https://git.kernel.org/stable/c/9a87375bb586515c0af63d5dcdcd58ec4acf20a6
- https://git.kernel.org/stable/c/9d5286d4e7f68beab450deddbb6a32edd5ecf4bf
- https://git.kernel.org/stable/c/bbe068b24409ef740657215605284fc7cdddd491
- https://git.kernel.org/stable/c/d534198311c345e4b062c4b88bb609efb8bd91d5
- https://git.kernel.org/stable/c/d86ad8c3e152349454b82f37007ff6ba45f26989
- https://git.kernel.org/stable/c/47d8aafcfe313511a98f165a54d0adceb34e54b1
- https://git.kernel.org/stable/c/6347348c6aba52dda0b33296684cbb627bdc6970
- https://git.kernel.org/stable/c/7cc94dd36e48879e76ae7a8daea4ff322b7d9674
- https://git.kernel.org/stable/c/900b81caf00c89417172afe0e7e49ac4eb110f4b
- https://git.kernel.org/stable/c/9a87375bb586515c0af63d5dcdcd58ec4acf20a6
- https://git.kernel.org/stable/c/9d5286d4e7f68beab450deddbb6a32edd5ecf4bf
- https://git.kernel.org/stable/c/bbe068b24409ef740657215605284fc7cdddd491
- https://git.kernel.org/stable/c/d534198311c345e4b062c4b88bb609efb8bd91d5
- https://git.kernel.org/stable/c/d86ad8c3e152349454b82f37007ff6ba45f26989
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
