CVE-2024-36955
📋 TL;DR
This CVE describes a memory leak vulnerability in the Linux kernel's ALSA HDA Intel SoundWire ACPI driver. The vulnerability occurs when device_get_named_child_node() is called without properly releasing the returned fwnode pointer using fwnode_handle_put(). This affects systems using Intel SoundWire audio hardware with the affected kernel versions.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Sustained exploitation could lead to kernel memory exhaustion, causing system instability, denial of service, or potential kernel crashes.
Likely Case
Memory leak gradually consumes kernel resources, potentially leading to system performance degradation or instability over time.
If Mitigated
With proper monitoring and resource limits, impact is limited to potential performance issues rather than complete system failure.
🎯 Exploit Status
Exploitation requires triggering the specific driver function repeatedly to cause memory exhaustion. No known public exploits.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing commits: 722d33c442e66e4aabd3e778958d696ff3a2777e, 7db626d2730d3d80fd31638169054b1e507f07bf, 7ef6ecf98ce309b1f4e5a25cddd5965d01feea07, bd2d9641a39e6b5244230c4b41c4aca83b54b377, c158cf914713efc3bcdc25680c7156c48c12ef6a
Vendor Advisory: https://git.kernel.org/stable/c/722d33c442e66e4aabd3e778958d696ff3a2777e
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution's repositories. 2. Reboot system to load new kernel. 3. Verify kernel version after reboot.
🔧 Temporary Workarounds
Disable affected driver module
linuxPrevent loading of the vulnerable ALSA HDA Intel SoundWire ACPI driver
echo 'blacklist snd-hda-intel-sdw-acpi' >> /etc/modprobe.d/blacklist.conf
update-initramfs -u
reboot
🧯 If You Can't Patch
- Monitor kernel memory usage and system stability for signs of memory leak
- Implement resource limits and monitoring for systems using Intel SoundWire audio
🔍 How to Verify
Check if Vulnerable:
Check if snd-hda-intel-sdw-acpi module is loaded: lsmod | grep snd-hda-intel-sdw-acpiCheck Version:
uname -rVerify Fix Applied:
Check kernel version contains fix commits or is newer than patched versions📡 Detection & Monitoring
Log Indicators:
- Kernel OOM (Out of Memory) messages in dmesg or /var/log/kern.log
- Increasing kernel memory usage over time without corresponding process growth
Network Indicators:
- None - this is a local kernel vulnerability
SIEM Query:
Search for kernel panic or OOM events related to audio drivers🔗 References
- https://git.kernel.org/stable/c/722d33c442e66e4aabd3e778958d696ff3a2777e
- https://git.kernel.org/stable/c/7db626d2730d3d80fd31638169054b1e507f07bf
- https://git.kernel.org/stable/c/7ef6ecf98ce309b1f4e5a25cddd5965d01feea07
- https://git.kernel.org/stable/c/bd2d9641a39e6b5244230c4b41c4aca83b54b377
- https://git.kernel.org/stable/c/c158cf914713efc3bcdc25680c7156c48c12ef6a
- https://git.kernel.org/stable/c/722d33c442e66e4aabd3e778958d696ff3a2777e
- https://git.kernel.org/stable/c/7db626d2730d3d80fd31638169054b1e507f07bf
- https://git.kernel.org/stable/c/7ef6ecf98ce309b1f4e5a25cddd5965d01feea07
- https://git.kernel.org/stable/c/bd2d9641a39e6b5244230c4b41c4aca83b54b377
- https://git.kernel.org/stable/c/c158cf914713efc3bcdc25680c7156c48c12ef6a
