CVE-2024-36934
📋 TL;DR
This CVE-2024-36934 is a Linux kernel vulnerability in the bna driver where improper memory handling allows out-of-bounds read. Attackers could exploit this to read kernel memory, potentially leading to information disclosure or system crashes. Systems using affected Linux kernel versions with the bna driver loaded are vulnerable.
💻 Affected Systems
- Linux kernel with bna driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel memory disclosure leading to privilege escalation, system compromise, or complete system crash/DoS
Likely Case
Information disclosure from kernel memory or system instability/crash
If Mitigated
Minimal impact if bna driver not loaded or systems properly segmented
🎯 Exploit Status
Requires local access and ability to interact with bna driver interface
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions with commits 06cb37e2ba6441888f24566a997481d4197b4e32 and related fixes
Vendor Advisory: https://git.kernel.org/stable/c/06cb37e2ba6441888f24566a997481d4197b4e32
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution vendor. 2. Reboot system to load new kernel. 3. Verify bna driver is using memdup_user_nul instead of memdup_user.
🔧 Temporary Workarounds
Disable bna driver
linuxUnload or blacklist the bna kernel module if not needed
sudo rmmod bna
echo 'blacklist bna' | sudo tee /etc/modprobe.d/blacklist-bna.conf
🧯 If You Can't Patch
- Ensure bna driver is not loaded on critical systems
- Implement strict access controls to prevent unauthorized users from interacting with kernel interfaces
🔍 How to Verify
Check if Vulnerable:
Check if bna module is loaded: lsmod | grep bna AND check kernel version against patched versionsCheck Version:
uname -rVerify Fix Applied:
Verify kernel version is updated AND check bna driver source uses memdup_user_nul📡 Detection & Monitoring
Log Indicators:
- Kernel oops messages
- System crashes related to bna driver
- Unexpected memory access errors
Network Indicators:
- Unusual local system calls to bna interfaces
SIEM Query:
process.name:"bna" OR kernel.panic OR kernel.oops🔗 References
- https://git.kernel.org/stable/c/06cb37e2ba6441888f24566a997481d4197b4e32
- https://git.kernel.org/stable/c/0f560240b4cc25d3de527deb257cdf072c0102a9
- https://git.kernel.org/stable/c/1518b2b498a0109eb6b15755169d3b6607356b35
- https://git.kernel.org/stable/c/6f0f19b79c085cc891c418b768f26f7004bd51a4
- https://git.kernel.org/stable/c/80578ec10335bc15ac35fd1703c22aab34e39fdd
- https://git.kernel.org/stable/c/8c34096c7fdf272fd4c0c37fe411cd2e3ed0ee9f
- https://git.kernel.org/stable/c/bd502ba81cd1d515deddad7dbc6b812b14b97147
- https://git.kernel.org/stable/c/e19478763154674c084defc62ae0d64d79657f91
- https://git.kernel.org/stable/c/06cb37e2ba6441888f24566a997481d4197b4e32
- https://git.kernel.org/stable/c/0f560240b4cc25d3de527deb257cdf072c0102a9
- https://git.kernel.org/stable/c/1518b2b498a0109eb6b15755169d3b6607356b35
- https://git.kernel.org/stable/c/6f0f19b79c085cc891c418b768f26f7004bd51a4
- https://git.kernel.org/stable/c/80578ec10335bc15ac35fd1703c22aab34e39fdd
- https://git.kernel.org/stable/c/8c34096c7fdf272fd4c0c37fe411cd2e3ed0ee9f
- https://git.kernel.org/stable/c/bd502ba81cd1d515deddad7dbc6b812b14b97147
- https://git.kernel.org/stable/c/e19478763154674c084defc62ae0d64d79657f91
- https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
- https://security.netapp.com/advisory/ntap-20240912-0007/
