CVE-2024-36895
📋 TL;DR
A buffer overflow vulnerability in the Linux kernel's USB gadget UVC driver allows attackers to write beyond allocated memory bounds when parsing configfs attribute lists. This affects Linux systems using USB gadget functionality, particularly on 32-bit platforms where the buffer size limitation is more severe. The vulnerability can lead to kernel crashes or potential privilege escalation.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash, or potential privilege escalation to kernel mode allowing complete system compromise.
Likely Case
System instability, kernel crashes, or denial of service when malformed UVC configfs attributes are processed.
If Mitigated
Limited impact if USB gadget functionality is disabled or UVC gadget support is not used.
🎯 Exploit Status
Exploitation requires ability to write to configfs attributes for UVC gadget, typically requiring local access or USB gadget interaction.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patches available in stable kernel trees (commits 650ae71c80749fc7cb8858c8049f532eaec64410, 7a54e5052bde582fd0e7677334fe7a5be92e242c, a422089ce42ced73713e5032aad29a9a7cbe9528)
Vendor Advisory: https://git.kernel.org/stable/c/650ae71c80749fc7cb8858c8049f532eaec64410
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from distribution vendor. 2. Rebuild kernel if using custom kernel with affected commits. 3. Reboot system to load new kernel.
🔧 Temporary Workarounds
Disable USB gadget UVC support
linuxRemove or disable UVC gadget module to prevent exploitation
rmmod uvc
echo 'blacklist uvc' >> /etc/modprobe.d/blacklist.conf
Restrict configfs access
linuxLimit write access to configfs UVC gadget attributes
chmod 644 /sys/kernel/config/usb_gadget/*/functions/uvc.*/*
🧯 If You Can't Patch
- Disable USB gadget functionality entirely if not required
- Implement strict access controls to prevent unauthorized users from modifying configfs attributes
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if UVC gadget module is loaded: 'lsmod | grep uvc' and 'uname -r'Check Version:
uname -rVerify Fix Applied:
Verify kernel version is updated beyond vulnerable commits and test UVC gadget functionality📡 Detection & Monitoring
Log Indicators:
- Kernel oops messages
- System crashes when using USB gadget functions
- dmesg errors related to UVC or buffer overflows
Network Indicators:
- Unusual USB device enumeration patterns
SIEM Query:
source="kernel" AND ("uvc" OR "buffer overflow" OR "general protection fault")🔗 References
- https://git.kernel.org/stable/c/650ae71c80749fc7cb8858c8049f532eaec64410
- https://git.kernel.org/stable/c/7a54e5052bde582fd0e7677334fe7a5be92e242c
- https://git.kernel.org/stable/c/a422089ce42ced73713e5032aad29a9a7cbe9528
- https://git.kernel.org/stable/c/650ae71c80749fc7cb8858c8049f532eaec64410
- https://git.kernel.org/stable/c/7a54e5052bde582fd0e7677334fe7a5be92e242c
- https://git.kernel.org/stable/c/a422089ce42ced73713e5032aad29a9a7cbe9528
