CVE-2024-36906

7.8 HIGH

📋 TL;DR

A KASAN (Kernel Address SANitizer) stack poisoning vulnerability in the ARM Linux kernel allows stale poison values to remain in stack memory after CPU idle states. This can cause false positive out-of-bounds access detections, potentially leading to kernel crashes or instability. Affects ARM-based Linux systems with KASAN enabled.

💻 Affected Systems

Products:
  • Linux Kernel
Versions: Versions before fixes in stable branches (specific commits listed in references)
Operating Systems: Linux distributions running on ARM architecture
Default Config Vulnerable: ✅ No
Notes: Only affects systems with CONFIG_KASAN and CONFIG_KASAN_STACK enabled; production kernels typically don't enable KASAN.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic or system crash due to false positive KASAN violations during critical operations, causing denial of service.

🟠

Likely Case

Spurious KASAN error reports in logs, potential system instability during idle state transitions, but no direct code execution.

🟢

If Mitigated

Minor performance impact from KASAN instrumentation with no security bypass or privilege escalation.

🌐 Internet-Facing: LOW - Requires local access and KASAN configuration; not remotely exploitable.
🏢 Internal Only: MEDIUM - Local users or processes could trigger crashes on affected ARM systems with KASAN enabled.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires triggering specific CPU idle states on ARM systems with KASAN enabled; primarily a stability issue rather than security bypass.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in stable kernel commits: 20ac71bee028ffbae4fc14ed679b23b4d3e95726, ad702338fe423cb1e79745787090317256a98dab, b26f353786d365e658cebc9a9ace88e04fc2325e, c4238686f9093b98bd6245a348bcf059cdce23af, ee0ce7573e5083031960faf602c9db693ab5b477

Vendor Advisory: https://git.kernel.org/stable/c/20ac71bee028ffbae4fc14ed679b23b4d3e95726

Restart Required: Yes

Instructions:

1. Update to patched kernel version from your distribution vendor.
2. Rebuild kernel if compiling from source with the fix commits.
3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable KASAN

linux

Disable KASAN instrumentation in kernel configuration

Rebuild kernel with CONFIG_KASAN=n and CONFIG_KASAN_STACK=n

Disable CPU idle states

linux

Prevent CPUs from entering deep idle states that trigger the issue

for f in /sys/devices/system/cpu/cpu*/cpuidle/state*/disable; do echo 1 > "$f"; done

🧯 If You Can't Patch

  • Disable KASAN in production kernels (not recommended for development systems)
  • Monitor system logs for KASAN errors and restart affected services if crashes occur

🔍 How to Verify

Check if Vulnerable:

Check kernel version and KASAN configuration: grep CONFIG_KASAN /boot/config-$(uname -r) && uname -r

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits or is newer than patched versions
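The precondition check above, written as a shell function (an added example, not part of the original advisory or of the kernel project). It uses anchored matches so that `# CONFIG_KASAN is not set` is not counted as enabled; the function name `kasan_exposure` and the mapping of "ARM" to `uname -m` values starting with `arm` are assumptions. It reports configuration preconditions only, not whether the fix commits are present.

```shell
#!/bin/sh
# Added example: report whether a kernel meets the preconditions this page names
# (ARM, CONFIG_KASAN and CONFIG_KASAN_STACK enabled).
# Usage: kasan_exposure [config-file] [machine]
# Return codes: 0 = preconditions met, 1 = not affected, 2 = cannot tell.
kasan_exposure() {
    cfg="${1:-/boot/config-$(uname -r)}"
    machine="${2:-$(uname -m)}"

    if [ ! -r "$cfg" ]; then
        echo "unknown: cannot read $cfg"
        return 2
    fi

    # Exact "OPTION=y" line match: a plain "grep CONFIG_KASAN" would also hit
    # "# CONFIG_KASAN is not set" and unrelated CONFIG_KASAN_* options.
    has_opt() { grep -q "^$1=y\$" "$cfg"; }

    case "$machine" in
        arm*) ;;  # assumption: "ARM" means uname -m values such as armv7l
        *)
            echo "not affected: machine $machine is not ARM"
            return 1
            ;;
    esac

    if has_opt CONFIG_KASAN && has_opt CONFIG_KASAN_STACK; then
        echo "preconditions met: ARM with CONFIG_KASAN=y and CONFIG_KASAN_STACK=y"
        return 0
    fi

    echo "not affected: KASAN stack instrumentation is not enabled"
    return 1
}
```

Call it with no arguments to check the running kernel, or pass a config file and machine string to audit a kernel image offline.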

📡 Detection & Monitoring

Log Indicators:

  • KASAN stack-out-of-bounds errors in kernel logs
  • CPU idle transition errors
  • Kernel panic messages

Network Indicators:

  • None - local issue only

SIEM Query:

source="kernel" AND ("KASAN: stack-out-of-bounds" OR "BUG: KASAN")

🔗 References
