CVE-2024-36892

5.5 MEDIUM

📋 TL;DR

This Linux kernel vulnerability causes a 'Freepointer corrupt' detection when freeing single memory objects with specific kernel configurations enabled. It affects Linux systems with CONFIG_SLAB_FREELIST_HARDENED=y, slub_debug=F, and init_on_free=1, potentially causing kernel crashes or instability.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not explicitly stated, but the fix commits target stable kernel trees.
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when CONFIG_SLAB_FREELIST_HARDENED=y, slub_debug=F, and init_on_free=1 are all enabled simultaneously.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel panic leading to system crash and denial of service, potentially causing data loss or system instability.

🟠 Likely Case: Kernel warnings or errors in dmesg, possible system instability or crashes during memory operations.

🟢 If Mitigated: No impact if vulnerable configurations are not enabled.

🌐 Internet-Facing: LOW - Requires local access or kernel-level compromise to trigger.
🏢 Internal Only: MEDIUM - Could be triggered by local users or processes, potentially causing system instability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires specific kernel configurations and local access. Primarily a stability/DoS issue rather than privilege escalation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits 56900355485f6e82114b18c812edd57fd7970dcb or 8f828aa48812ced28aa39cb3cfe55ef2444d03dd

Vendor Advisory: https://git.kernel.org/stable/c/56900355485f6e82114b18c812edd57fd7970dcb

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits.
2. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable init_on_free

linux

Prevent the vulnerability by disabling init_on_free kernel parameter

Add 'init_on_free=0' to kernel command line in /etc/default/grub or bootloader config

Enable slub_debug

linux

Enable slub_debug to avoid the problematic code path

Add 'slub_debug=FU' to kernel command line

🧯 If You Can't Patch

  • Disable init_on_free kernel parameter if not required
  • Ensure CONFIG_SLAB_FREELIST_HARDENED is disabled in kernel build configuration

🔍 How to Verify

Check if Vulnerable:

Check whether the kernel command line sets both parameters, in either order: grep 'init_on_free=1' /proc/cmdline | grep 'slub_debug=F' (output means both are present). Then check whether CONFIG_SLAB_FREELIST_HARDENED is enabled in the kernel config.

Check Version:

uname -r

Verify Fix Applied:

Confirm that the running kernel contains the fix commits: run uname -r and compare the result against the distribution's patch notes.
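
An order-independent version of the "Check if Vulnerable" step, as an added example (not from the kernel project or this advisory's source). The function names are illustrative; it assumes the kernel config is readable at /boot/config-$(uname -r) or /proc/config.gz, and it also honours CONFIG_INIT_ON_FREE_DEFAULT_ON, which turns init_on_free on without a boot parameter.

```shell
#!/bin/sh
# Added example; function names are illustrative, not from a kernel tool.

# last_param NAME CMDLINE: print the value of the last NAME=value token
# (later boot parameters win). Subshell body keeps "set -f" local.
last_param() (
    set -f
    val=""
    for tok in $2; do
        case "$tok" in "$1"=*) val=${tok#*=} ;; esac
    done
    printf '%s' "$val"
)

# has_config OPTION CONFIG_TEXT: succeed if OPTION=y appears in the config.
has_config() {
    printf '%s\n' "$2" | grep -qx "$1=y"
}

# init_on_free_on CMDLINE CONFIG_TEXT: the boot parameter decides; if it is
# absent, the build default CONFIG_INIT_ON_FREE_DEFAULT_ON applies.
init_on_free_on() {
    v=$(last_param init_on_free "$1")
    [ "$v" = 1 ] || { [ -z "$v" ] && has_config CONFIG_INIT_ON_FREE_DEFAULT_ON "$2"; }
}

# slub_checks_on CMDLINE: succeed if the slub_debug flag letters include F;
# an optional ",<cache list>" suffix is ignored.
slub_checks_on() {
    flags=$(last_param slub_debug "$1")
    case "${flags%%,*}" in *F*) return 0 ;; *) return 1 ;; esac
}

# check_exposure CMDLINE CONFIG_TEXT: "exposed" only if all three hold.
check_exposure() {
    if init_on_free_on "$1" "$2" && slub_checks_on "$1" &&
       has_config CONFIG_SLAB_FREELIST_HARDENED "$2"
    then echo exposed; else echo not-exposed; fi
}

# Live use: sh check.sh --live  (reads this host's cmdline and config)
if [ "${1:-}" = "--live" ]; then
    cfg=$(cat "/boot/config-$(uname -r)" 2>/dev/null || zcat /proc/config.gz 2>/dev/null)
    check_exposure "$(cat /proc/cmdline)" "$cfg"
fi
```

A result of "exposed" only says the configuration matches; whether the running kernel already carries the fix still has to be confirmed from the distribution's patch notes.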

📡 Detection & Monitoring

Log Indicators:

  • "Freepointer corrupt" messages in dmesg
  • "BUG kmalloc-rnd" kernel warnings

Network Indicators:

  • None - local kernel issue

SIEM Query:

source="kernel" AND ("Freepointer corrupt" OR "BUG kmalloc-rnd")
