CVE-2024-35833
📋 TL;DR
A memory leak vulnerability in the Linux kernel's fsl-qdma DMA engine driver allows attackers to cause resource exhaustion by repeatedly triggering the vulnerable code path. This affects systems using Freescale/NXP QDMA hardware with unpatched Linux kernels. The vulnerability could lead to denial of service or system instability over time.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Sustained exploitation could exhaust system memory, causing kernel panic, system crashes, or denial of service to all applications.
Likely Case
Gradual memory consumption leading to system slowdowns, application failures, or eventual system instability requiring reboot.
If Mitigated
Limited impact with proper memory monitoring and restart policies; memory exhaustion would be contained to the affected system.
🎯 Exploit Status
Exploitation requires ability to trigger DMA operations through the vulnerable driver, typically requiring local access or compromised application with appropriate permissions.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel commits: 15eb996d7d13cb72a16389231945ada8f0fef2c3, 198270de9d8eb3b5d5f030825ea303ef95285d24, 1c75fe450b5200c78f4a102a0eb8e15d8f1ccda8, 25ab4d72eb7cbfa0f3d97a139a9b2bfcaa72dd59, 3aa58cb51318e329d203857f7a191678e60bb714
Vendor Advisory: https://git.kernel.org/stable/c/15eb996d7d13cb72a16389231945ada8f0fef2c3
Restart Required: Yes
Instructions:
1. Update to a kernel version containing the fix commits. 2. Check your distribution's security advisories for backported patches. 3. Rebuild kernel if compiling from source. 4. Reboot system to load patched kernel.
🔧 Temporary Workarounds
Disable fsl-qdma module
linuxPrevent loading of the vulnerable driver if QDMA hardware is not required
echo 'blacklist fsl_qdma' >> /etc/modprobe.d/blacklist.conf
rmmod fsl_qdma
🧯 If You Can't Patch
- Monitor system memory usage and implement alerts for abnormal consumption patterns
- Restrict access to DMA operations through appropriate user/group permissions and SELinux/AppArmor policies
🔍 How to Verify
Check if Vulnerable:
Check if fsl_qdma module is loaded: lsmod | grep fsl_qdma. Check kernel version against patched versions.Check Version:
uname -rVerify Fix Applied:
Verify kernel version includes fix commits. Check dmesg for successful driver initialization without memory allocation errors.📡 Detection & Monitoring
Log Indicators:
- Kernel oom-killer messages
- Memory allocation failures in dmesg
- Rising memory usage without corresponding process growth
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("oom-killer" OR "Out of memory" OR "allocation failure") AND process="fsl_qdma"🔗 References
- https://git.kernel.org/stable/c/15eb996d7d13cb72a16389231945ada8f0fef2c3
- https://git.kernel.org/stable/c/198270de9d8eb3b5d5f030825ea303ef95285d24
- https://git.kernel.org/stable/c/1c75fe450b5200c78f4a102a0eb8e15d8f1ccda8
- https://git.kernel.org/stable/c/25ab4d72eb7cbfa0f3d97a139a9b2bfcaa72dd59
- https://git.kernel.org/stable/c/3aa58cb51318e329d203857f7a191678e60bb714
- https://git.kernel.org/stable/c/5cd8a51517ce15edbdcea4fc74c4c127ddaa1bd6
- https://git.kernel.org/stable/c/ae6769ba51417c1c86fb645812d5bff455eee802
- https://git.kernel.org/stable/c/15eb996d7d13cb72a16389231945ada8f0fef2c3
- https://git.kernel.org/stable/c/198270de9d8eb3b5d5f030825ea303ef95285d24
- https://git.kernel.org/stable/c/1c75fe450b5200c78f4a102a0eb8e15d8f1ccda8
- https://git.kernel.org/stable/c/25ab4d72eb7cbfa0f3d97a139a9b2bfcaa72dd59
- https://git.kernel.org/stable/c/3aa58cb51318e329d203857f7a191678e60bb714
- https://git.kernel.org/stable/c/5cd8a51517ce15edbdcea4fc74c4c127ddaa1bd6
- https://git.kernel.org/stable/c/ae6769ba51417c1c86fb645812d5bff455eee802
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
