CVE-2024-38390
📋 TL;DR
This vulnerability is a null pointer dereference in the Linux kernel's MSM A6xx GPU driver that occurs when speedbin setting fails during initialization. It can cause kernel crashes or denial-of-service on affected systems. Systems using Qualcomm Adreno A6xx series GPUs with vulnerable Linux kernel versions are affected.
💻 Affected Systems
- Linux kernel with MSM DRM driver for Qualcomm Adreno A6xx GPUs
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial-of-service, potentially requiring physical reboot of affected devices.
Likely Case
System instability or crash when GPU initialization fails, affecting device availability.
If Mitigated
Minimal impact with proper kernel hardening and privilege separation in place.
🎯 Exploit Status
Requires ability to trigger GPU initialization failure conditions, typically requiring local access or kernel module loading capabilities.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Linux kernel containing commit 247849eeb3fd88f8990ed73e33af70d5c10f9aec or later
Vendor Advisory: https://patchwork.freedesktop.org/patch/588919/
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix.
2. For distributions: Use package manager (apt/yum/dnf) to update kernel package.
3. Reboot system to load patched kernel.
🔧 Temporary Workarounds
Disable MSM DRM driver
Prevent loading of vulnerable GPU driver module
echo 'blacklist msm' >> /etc/modprobe.d/blacklist.conf
update-initramfs -u
🧯 If You Can't Patch
- Restrict local user access to prevent triggering GPU initialization failures
- Implement kernel hardening measures like SELinux/AppArmor to limit module loading
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if MSM DRM driver is loaded: lsmod | grep msm
Check Version:
uname -r
Verify Fix Applied:
Verify kernel version includes fix commit and test GPU functionality
📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- NULL pointer dereference in kernel logs
- GPU initialization failure logs
Network Indicators:
- None - local vulnerability
SIEM Query:
source="kernel" AND ("NULL pointer dereference" OR "panic" OR "oops") AND ("msm" OR "a6xx")
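A kernel oops spans several log lines, so the crash marker and the driver name usually sit on different lines and a per-line match can miss it. The shell sketch below is an added example, not part of the original advisory: it correlates a crash marker with an `[msm]`-tagged or `a6xx` stack frame inside an assumed look-ahead window. The function names, the `WINDOW` size and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: correlate kernel crash markers with msm/a6xx stack frames.

# Constructed sample log (not real output): one benign a6xx line, one crash
# with an msm frame, one unrelated crash on a host that has msm loaded.
sample_log() {
    cat <<'EOF'
[   3.10] msm_dpu ae01000.display: a6xx firmware loaded
[   4.20] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000
[   4.21] Internal error: Oops: 0000000096000004 [#1] SMP
[   4.22] Modules linked in: msm example_mod
[   4.23] pc : a6xx_example_fn+0x1c/0x40 [msm]
[  90.00] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010
[  90.01] Modules linked in: msm example_mod
[  90.02] pc : example_fn+0x8/0x20 [example_mod]
EOF
}

# Per-line match: crash marker AND driver name on the same line.
# Prints nothing for a multi-line oops like the ones above.
per_line_matches() {
    awk '{ l = tolower($0) }
         l ~ /null pointer dereference|panic|oops/ && l ~ /\[msm\]|a6xx/'
}

# Windowed match: print the first crash marker of each report when a frame
# tagged [msm] or naming a6xx appears within WINDOW lines (assumed default 25).
# Matching "[msm]" rather than bare "msm" skips the "Modules linked in:" line,
# which lists msm on every host that has the driver loaded.
find_a6xx_crashes() {
    awk -v window="${WINDOW:-25}" '
    {
        line = tolower($0)
        # Open a window only when none is active, so the follow-up
        # "Oops:" line of the same report does not start a second one.
        if (left == 0 && line ~ /null pointer dereference|panic|oops/) {
            marker = $0; left = window; reported = 0
        }
        if (left > 0) {
            if (!reported && line ~ /\[msm\]|a6xx/) { print marker; reported = 1 }
            left--
        }
    }'
}

sample_log | find_a6xx_crashes
```

On a live system, feed it kernel messages instead of the sample, for example `journalctl -k | find_a6xx_crashes` or `dmesg | find_a6xx_crashes`.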
🔗 References
- https://git.kernel.org/stable/c/247849eeb3fd88f8990ed73e33af70d5c10f9aec
- https://git.kernel.org/stable/c/46d4efcccc688cbacdd70a238bedca510acaa8e4
- https://git.kernel.org/stable/c/617e3d1680504a3f9d88e1582892c68be155498f
- https://git.kernel.org/stable/c/a1955a6df91355fef72a3a254700acd3cc1fec0d