CVE-2024-35950

5.5 MEDIUM

📋 TL;DR

This CVE addresses a race condition in the Linux kernel's Direct Rendering Manager (DRM) client subsystem where the modes[] array lacks proper mutex protection. This could allow local attackers to cause use-after-free conditions, potentially leading to kernel crashes or privilege escalation. The vulnerability affects Linux systems with DRM graphics support.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not specified in CVE, but likely multiple stable kernel versions before the fix commits
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires DRM graphics subsystem to be active; affects systems with graphics hardware

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local privilege escalation to root or kernel panic leading to denial of service

🟠

Likely Case

Kernel crash or system instability when graphics operations are performed concurrently

🟢

If Mitigated

No impact with proper kernel patching or systems without DRM graphics

🌐 Internet-Facing: LOW - Requires local access to exploit
🏢 Internal Only: MEDIUM - Local users or processes could exploit this vulnerability

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access and race condition triggering; no public exploits known

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits: 04e018bd913d3d3336ab7d21c2ad31a9175fe984, 18c8cc6680ce938d0458859b6a08b4d34f7d8055, 3eadd887dbac1df8f25f701e5d404d1b90fd0fea, 41586487769eede64ab1aa6c65c74cbf76c12ef0, 5a2f957e3c4553bbb100504a1acfeaeb33f4ca4e

Vendor Advisory: https://git.kernel.org/stable/c/04e018bd913d3d3336ab7d21c2ad31a9175fe984

Restart Required: Yes

Instructions:

1. Update the Linux kernel to a patched version from your distribution's repositories.
2. Reboot the system to load the new kernel.
3. Verify the kernel version after reboot.

🔧 Temporary Workarounds

Disable DRM graphics if not needed

linux

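Remove or disable the DRM graphics subsystem if the system does not require graphics

# Run as root. 'blacklist' alone only stops alias-based autoloading;
# the 'install' line also blocks drm being pulled in as a GPU driver dependency.
echo 'blacklist drm' > /etc/modprobe.d/blacklist-drm.conf
echo 'install drm /bin/false' >> /etc/modprobe.d/blacklist-drm.conf
update-initramfs -u   # Debian/Ubuntu tool; use your distribution's equivalent elsewhere
reboot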

🧯 If You Can't Patch

  • Restrict local user access to systems with vulnerable kernels
  • Implement strict process isolation and limit graphics operations to trusted users

🔍 How to Verify

Check if Vulnerable:

Check whether the running kernel predates the fix commits; examine /proc/version or run uname -r

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes the fix commits; check with 'uname -r' and compare with distribution's patched kernel version

📡 Detection & Monitoring

Log Indicators:

  • Kernel oops messages
  • System crashes during graphics operations
  • DRM subsystem errors in dmesg

Network Indicators:

  • None - local vulnerability only

SIEM Query:

source="kernel" AND ("oops" OR "panic" OR "BUG") AND ("drm" OR "modeset")
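
An added example, not part of the original advisory: if kernel messages are ingested one line per event, the query above only matches when both terms share a line, yet an oops is logged over several lines and the DRM symbol may appear only in the call trace. This Python code groups each report before applying the same terms; the sample log, the symbol names and the 60-line cap are constructed assumptions.

```python
import re

# Same terms as the SIEM query; \b stops "debugfs" from matching "BUG".
TRIGGER = re.compile(r"\b(?:oops|panic|BUG)\b", re.I)
DRM = re.compile(r"drm|modeset", re.I)
END = re.compile(r"---\[ end trace")
MAX_REPORT_LINES = 60  # assumed cap for reports with no end marker

def drm_crash_reports(log_text):
    """Return (trigger_line, drm_line) for each oops/panic/BUG report
    whose header or call trace mentions DRM."""
    hits, lines, i = [], log_text.splitlines(), 0
    while i < len(lines):
        if not TRIGGER.search(lines[i]):
            i += 1
            continue
        j = i  # extend the report to its end-of-trace marker
        while (j < len(lines) - 1 and j - i < MAX_REPORT_LINES
               and not END.search(lines[j])):
            j += 1
        report = lines[i:j + 1]
        drm_line = next((l for l in report if DRM.search(l)), None)
        if drm_line is not None:
            hits.append((lines[i], drm_line))
        i = j + 1
    return hits

def per_line_hits(log_text):
    """The same terms applied to one line at a time, for comparison."""
    return [l for l in log_text.splitlines()
            if TRIGGER.search(l) and DRM.search(l)]

# Constructed sample, not real output; symbol names are placeholders.
SAMPLE = """\
[   12.001] i915 0000:00:02.0: [drm] debugfs entries registered
[  245.880] BUG: kernel NULL pointer dereference, address: 0000000000000010
[  245.881] Oops: 0000 [#1] PREEMPT SMP
[  245.882] Call Trace:
[  245.883]  drm_example_probe+0x1a/0x40 [drm]
[  245.884] ---[ end trace 0000000000000000 ]---
[  300.100] BUG: unable to handle page fault for address: ffff888000000000
[  300.101] Call Trace:
[  300.102]  ext4_example_fn+0x10/0x20
[  300.103] ---[ end trace 0000000000000000 ]---
"""

if __name__ == "__main__":
    for trigger, evidence in drm_crash_reports(SAMPLE):
        print(trigger, "->", evidence.strip())
```

On the sample, the grouped search reports the first crash and skips the ext4 one, while the per-line form finds nothing.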
