Login Sign Up

CVE-2024-36896

9.1 CRITICAL
Denial of Service

📋 TL;DR

This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's USB core subsystem. When a USB hub is concurrently removed while port device operations are being performed, the kernel can crash or become unstable due to accessing invalid memory. This affects all Linux systems with USB support.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected kernel versions not specified in CVE description; typically affects multiple stable branches before fixes were applied.
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires USB subsystem to be enabled and in use. Systems without USB devices or with USB disabled are not affected.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to system crash and denial of service, potentially allowing local privilege escalation if combined with other vulnerabilities.

🟠

Likely Case

System crash or kernel panic when USB devices are being hot-unplugged during port operations, causing denial of service.

🟢

If Mitigated

Minor system instability or crash limited to USB operations without broader system compromise.

🌐 Internet-Facing: LOW - Requires local access to USB ports, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Local attackers or users with physical access could trigger the vulnerability to cause denial of service.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access and timing to trigger concurrent USB hub removal during port operations. Discovered through syzkaller fuzzing.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits: 5f1d68ef5ddac27c6b997adccd1c339cef1e6848, 6119ef6517ce501fc548154691abdaf1f954a277, 63533549ff53d24daf47c443dbd43c308afc3434, a4b46d450c49f32e9d4247b421e58083fde304ce

Vendor Advisory: https://git.kernel.org/stable/c/5f1d68ef5ddac27c6b997adccd1c339cef1e6848

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits. 2. Check your distribution's security advisories for specific patched kernel versions. 3. Reboot system after kernel update.

🔧 Temporary Workarounds

Disable USB hotplug

linux

Prevent USB device hot-unplugging to avoid triggering the race condition

echo 0 > /sys/bus/usb/drivers_autoprobe
echo 0 > /sys/bus/usb/devices/*/authorized

Remove USB kernel module

linux

Unload USB subsystem if not needed (drastic measure)

modprobe -r usbcore
modprobe -r usb-storage
modprobe -r usbhid

🧯 If You Can't Patch

  • Restrict physical access to USB ports
  • Implement strict change control for USB device connections

🔍 How to Verify

Check if Vulnerable:

Check kernel version and compare with patched versions from distribution advisories

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version contains the fix commits: grep -q '5f1d68ef5ddac27c6b997adccd1c339cef1e6848' /proc/version_signature || uname -r

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages in /var/log/kern.log or dmesg
  • NULL pointer dereference errors in kernel logs
  • USB subsystem crash logs

Network Indicators:

  • None - local vulnerability only

SIEM Query:

source="kernel" AND ("NULL pointer dereference" OR "usb_hub_to_struct_hub" OR "disable_store" OR "disable_show")

📊 Metadata

CVE ID: CVE-2024-36896
CVSS v3 Score: 9.1 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
CWE: CWE-476
Published: May 30, 2024
Last Updated: April 1, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-36896, you might also want to check these:

CVE-2022-36648 10.0

This CVE describes a vulnerability in QEMU's hardware emulation where a malformed program executed i...

Same vulnerability type (CWE-476)
CVE-2022-30592 9.8

This vulnerability in LiteSpeed QUIC (LSQUIC) before version 3.1.0 involves improper handling of MAX...

Same vulnerability type (CWE-476)
CVE-2023-47003 9.8

A NULL pointer dereference vulnerability in RedisGraph allows attackers to execute arbitrary code or...

Same vulnerability type (CWE-476)