CVE-2024-35907
📋 TL;DR
A NULL pointer dereference vulnerability in the mlxbf_gige driver of the Linux kernel allows a kernel panic when kdump is enabled and triggered. This affects systems using Mellanox BlueField SmartNICs with the vulnerable driver loaded. The issue stems from an improper interrupt-handling sequence during driver initialization.
💻 Affected Systems
- Linux kernel with mlxbf_gige driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially disrupting critical network operations on affected SmartNIC systems.
Likely Case
System crash when kdump is triggered (e.g., during kernel panic collection), causing temporary service interruption until system reboot.
If Mitigated
No impact if kdump is disabled or the vulnerable driver is not loaded/used.
🎯 Exploit Status
Exploitation requires ability to trigger kdump (typically root/admin privileges) and specific hardware/driver configuration. Not a remote code execution vulnerability.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel commits: 24444af5ddf729376b90db0f135fa19973cb5dab, 867a2f598af6a645c865d1101b58c5e070c6dd9e, 8feb1652afe9c5d019059a55c90f70690dce0f52, a583117668ddb86e98f2e11c7caa3db0e6df52a3, f7442a634ac06b953fc1f7418f307b25acd4cfbc
Vendor Advisory: https://git.kernel.org/stable/c/24444af5ddf729376b90db0f135fa19973cb5dab
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing fixes.
2. Rebuild kernel if compiling from source.
3. Reboot system to load patched kernel.
4. Verify mlxbf_gige driver loads without error.
🔧 Temporary Workarounds
Disable kdump
Prevent triggering of the vulnerability by disabling the kdump service
systemctl disable kdump.service
systemctl stop kdump.service
Blacklist mlxbf_gige driver
Prevent loading of the vulnerable driver if SmartNIC functionality is not required
echo 'blacklist mlxbf_gige' >> /etc/modprobe.d/blacklist.conf
update-initramfs -u
reboot
🧯 If You Can't Patch
- Ensure kdump is disabled on all affected systems
- Monitor for kernel panic events and investigate any mlxbf_gige related crashes
🔍 How to Verify
Check if Vulnerable:
Check if mlxbf_gige module is loaded: lsmod | grep mlxbf_gige. Check kdump status: systemctl status kdump.service
Check Version:
uname -r
Verify Fix Applied:
Check kernel version includes fix commits. Test by triggering kdump (if needed): echo c > /proc/sysrq-trigger (caution: will cause panic)
📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages mentioning mlxbf_gige
- NULL pointer dereference in mlxbf_gige_open
- OOB_net0 interface errors
Network Indicators:
- Sudden loss of network connectivity on SmartNIC interfaces
SIEM Query:
event_source="kernel" AND (message CONTAINS "mlxbf_gige" OR (message CONTAINS "NULL pointer" AND process="NetworkManager"))
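A tighter check than keyword matching, as an added example that is not part of the original advisory: it reports a NULL pointer oops only when mlxbf_gige_open appears in the same trace, and still reports it when the log is cut off before the end-of-trace marker. The function names and the sample log lines are constructed for illustration.

```sh
#!/bin/sh
# Constructed sample kernel log (not captured from a real system).
sample_log() {
    cat <<'EOF'
[    4.100] mlxbf_gige: oob_net0 link is up
[   12.500] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000
[   12.501] Call trace:
[   12.502]  __napi_poll+0x40/0x230
[   12.503]  mlxbf_gige_open+0x5c/0x330 [mlxbf_gige]
[   12.504] ---[ end trace 0000000000000000 ]---
[   30.000] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010
[   30.001] Call trace:
[   30.002]  other_drv_probe+0x10/0x40 [other_drv]
[   30.003] ---[ end trace 0000000000000000 ]---
[   41.000] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000
[   41.001] Call trace:
[   41.002]  mlxbf_gige_open+0x5c/0x330 [mlxbf_gige]
EOF
}

# Reads kernel log text on stdin and prints the first line of every
# NULL pointer oops whose trace contains mlxbf_gige_open.
detect_mlxbf_gige_oops() {
    awk '
        # Report the oops collected so far if it matched, then reset state.
        function emit() {
            if (in_oops && hit) print head
            in_oops = 0; hit = 0
        }
        # A new oops header closes any previous, unterminated one.
        /NULL pointer dereference/ { emit(); in_oops = 1; head = $0; next }
        in_oops && /mlxbf_gige_open/ { hit = 1 }
        in_oops && /end trace/       { emit() }
        # The log may stop before the end marker (crash kernel went down).
        END { emit() }
    '
}

sample_log | detect_mlxbf_gige_oops
```

The informational mlxbf_gige line and the oops in the unrelated driver are both ignored, so the alert fires only on the crash signature listed under Log Indicators.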
🔗 References
- https://git.kernel.org/stable/c/24444af5ddf729376b90db0f135fa19973cb5dab
- https://git.kernel.org/stable/c/867a2f598af6a645c865d1101b58c5e070c6dd9e
- https://git.kernel.org/stable/c/8feb1652afe9c5d019059a55c90f70690dce0f52
- https://git.kernel.org/stable/c/a583117668ddb86e98f2e11c7caa3db0e6df52a3
- https://git.kernel.org/stable/c/f7442a634ac06b953fc1f7418f307b25acd4cfbc