CVE-2024-35858
📋 TL;DR
A memory leak vulnerability in the Linux kernel's Broadcom ASP network driver allows attackers to cause denial of service through resource exhaustion. When network interfaces are brought down, the driver fails to free DMA-mapped buffers, leading to memory corruption and potential system instability. This affects Linux systems using the bcmasp network driver.
💻 Affected Systems
- Linux kernel with bcmasp network driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
System crash or kernel panic due to memory exhaustion and control block corruption, requiring physical reboot.
Likely Case
Gradual memory depletion leading to performance degradation and eventual denial of service on affected network interfaces.
If Mitigated
Minor performance impact with proper monitoring and memory limits in place.
🎯 Exploit Status
Requires ability to bring network interfaces up/down repeatedly or trigger power management events. Local access typically needed.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Linux kernel stable releases containing the fix commits
Vendor Advisory: https://git.kernel.org/stable/c/09040baf8779ad880e0e0d0ea10e57aa929ef3ab
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing fix commits. 2. Rebuild kernel if compiling from source. 3. Reboot system to load patched kernel.
🔧 Temporary Workarounds
Disable interface power management
linuxPrevent automatic interface state changes that trigger the vulnerability
ethtool -s <interface> wol d
echo 0 > /sys/class/net/<interface>/device/power/control
Avoid manual interface down operations
linuxMinimize bringing affected network interfaces down
🧯 If You Can't Patch
- Monitor system memory usage and kernel logs for memory leak indicators
- Implement strict access controls to prevent unauthorized users from modifying network interface states
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if bcmasp module is loaded: lsmod | grep bcmasp && uname -rCheck Version:
uname -rVerify Fix Applied:
Verify kernel version includes fix commits: git log --oneline | grep -E '09040baf8779ad880e0e0d0ea10e57aa929ef3ab|2389ad1990163d29cba5480d693b4c2e31cc545c|9f898fc2c31fbf0ac5ecd289f528a716464cb005'📡 Detection & Monitoring
Log Indicators:
- Kernel oops messages
- Out of memory errors in dmesg
- Increasing memory usage in /proc/meminfo
Network Indicators:
- Network interface instability
- Increased packet loss on affected interfaces
SIEM Query:
source="kernel" AND ("out of memory" OR "panic" OR "Oops") AND ("bcmasp" OR "network interface")🔗 References
- https://git.kernel.org/stable/c/09040baf8779ad880e0e0d0ea10e57aa929ef3ab
- https://git.kernel.org/stable/c/2389ad1990163d29cba5480d693b4c2e31cc545c
- https://git.kernel.org/stable/c/9f898fc2c31fbf0ac5ecd289f528a716464cb005
- https://git.kernel.org/stable/c/09040baf8779ad880e0e0d0ea10e57aa929ef3ab
- https://git.kernel.org/stable/c/2389ad1990163d29cba5480d693b4c2e31cc545c
- https://git.kernel.org/stable/c/9f898fc2c31fbf0ac5ecd289f528a716464cb005
