CVE-2024-38543 – This CVE describes a NULL pointer dereference v... (How to Fix)

Q: What is the severity of CVE-2024-38543?

CVE-2024-38543 has a CVSS score of 5.5 (MEDIUM). This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's lib/test_hmm.c module. If memory allocation fails during device eviction, dereferencing uninitialized pointers could cause kernel crashes or instability. This affects Linux systems using the test_hmm module, primarily developers and testers working with heterogeneous memory management features.

📋 TL;DR

This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's lib/test_hmm.c module. If memory allocation fails during device eviction, dereferencing uninitialized pointers could cause kernel crashes or instability. This affects Linux systems using the test_hmm module, primarily developers and testers working with heterogeneous memory management features.

💻 Affected Systems

Products:

Linux kernel

Versions: Specific affected kernel versions not explicitly stated in CVE description; check git commits for exact ranges.

Operating Systems: Linux distributions using vulnerable kernel versions

Default Config Vulnerable: ✅ No

Notes: The test_hmm module is typically not loaded by default; only affects systems where this testing module is explicitly loaded.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to system crash and denial of service, potentially requiring physical reboot.

🟠

Likely Case

System instability or crash when test_hmm module is actively used during memory pressure conditions.

🟢

If Mitigated

No impact if test_hmm module is not loaded or system has sufficient memory resources.

🌐 Internet-Facing: LOW - This is a kernel module primarily used for testing, not typically exposed to internet-facing services.

🏢 Internal Only: LOW - Requires specific conditions (test_hmm module loaded + memory exhaustion) and is in testing code.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: NO

Unauthenticated Exploit: ✅ No

Complexity: HIGH

Exploitation requires kernel-level access, memory exhaustion conditions, and the test_hmm module to be loaded.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check specific kernel versions from provided git commit references

Vendor Advisory: https://git.kernel.org/stable/c/1a21fdeea502658e315bd939409b755974f4fb64

Restart Required: Yes

Instructions:

1. Identify current kernel version. 2. Apply kernel patches from provided git commits. 3. Rebuild kernel if using custom build. 4. Reboot system to load patched kernel.

🔧 Temporary Workarounds

Unload test_hmm module

linux

Remove the vulnerable module from memory if it's loaded

sudo rmmod test_hmm

Prevent module loading

linux

Blacklist the module to prevent it from being loaded

echo 'blacklist test_hmm' | sudo tee /etc/modprobe.d/blacklist-test_hmm.conf

🧯 If You Can't Patch

Ensure test_hmm kernel module is not loaded (check with lsmod)
Monitor system memory usage to prevent exhaustion conditions

🔍 How to Verify

Check if Vulnerable:

Check if test_hmm module is loaded: lsmod | grep test_hmm

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is patched by checking git commit history or vendor advisories

📡 Detection & Monitoring

Log Indicators:

Kernel panic messages
NULL pointer dereference errors in kernel logs
Out of memory conditions

Network Indicators:

None - this is a local kernel vulnerability

SIEM Query:

source="kernel" AND ("NULL pointer" OR "test_hmm" OR "kernel panic")

📊 Metadata

CVE ID: CVE-2024-38543

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-476

Published: June 19, 2024

Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-38543, you might also want to check these: