CVE-2024-38635
📋 TL;DR
A memory corruption vulnerability in the Linux kernel's SoundWire Cadence driver allows out-of-bounds memory access due to incorrect PDI offset calculation. This affects Linux systems using SoundWire audio interfaces. Attackers could potentially exploit this to crash the kernel or execute arbitrary code.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic, system crash, or potential arbitrary code execution with kernel privileges leading to complete system compromise.
Likely Case
System instability, kernel crashes, or denial of service affecting audio functionality.
If Mitigated
Limited impact if SoundWire interfaces are not in use or if proper kernel hardening measures are implemented.
🎯 Exploit Status
Exploitation requires local access and ability to interact with the SoundWire driver. No known active exploitation reported.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing commits: 002364b2d594a9afc0385c09e00994c510b1d089, 2ebcaa0e5db9b6044bb487ae1cf41bc601761567, 4e99103f757cdf636c6ee860994a19a346a11785, 7eeef1e935d23db5265233d92395bd5c648a4021, 8ee1b439b1540ae543149b15a2a61b9dff937d91
Vendor Advisory: https://git.kernel.org/stable/c/
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version. 2. Check distribution-specific security advisories. 3. Reboot system after kernel update.
🔧 Temporary Workarounds
Disable SoundWire module
linuxPrevent loading of the vulnerable SoundWire Cadence driver
echo 'blacklist soundwire_cadence' >> /etc/modprobe.d/blacklist.conf
rmmod soundwire_cadence
🧯 If You Can't Patch
- Implement strict access controls to limit who can interact with audio devices
- Enable kernel hardening features like SELinux/AppArmor to restrict driver access
🔍 How to Verify
Check if Vulnerable:
Check kernel version and verify if SoundWire Cadence driver is loaded: lsmod | grep soundwire_cadenceCheck Version:
uname -rVerify Fix Applied:
Verify kernel version includes the fix commits or check that soundwire_cadence module version matches patched release📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- Ooops messages related to soundwire
- System crashes during audio operations
Network Indicators:
- None - local vulnerability only
SIEM Query:
kernel:panic OR kernel:oops AND soundwire🔗 References
- https://git.kernel.org/stable/c/002364b2d594a9afc0385c09e00994c510b1d089
- https://git.kernel.org/stable/c/2ebcaa0e5db9b6044bb487ae1cf41bc601761567
- https://git.kernel.org/stable/c/4e99103f757cdf636c6ee860994a19a346a11785
- https://git.kernel.org/stable/c/7eeef1e935d23db5265233d92395bd5c648a4021
- https://git.kernel.org/stable/c/8ee1b439b1540ae543149b15a2a61b9dff937d91
- https://git.kernel.org/stable/c/902f6d656441a511ac25c6cffce74496db10a078
- https://git.kernel.org/stable/c/fd4bcb991ebaf0d1813d81d9983cfa99f9ef5328
- https://git.kernel.org/stable/c/002364b2d594a9afc0385c09e00994c510b1d089
- https://git.kernel.org/stable/c/2ebcaa0e5db9b6044bb487ae1cf41bc601761567
- https://git.kernel.org/stable/c/4e99103f757cdf636c6ee860994a19a346a11785
- https://git.kernel.org/stable/c/7eeef1e935d23db5265233d92395bd5c648a4021
- https://git.kernel.org/stable/c/8ee1b439b1540ae543149b15a2a61b9dff937d91
- https://git.kernel.org/stable/c/902f6d656441a511ac25c6cffce74496db10a078
- https://git.kernel.org/stable/c/fd4bcb991ebaf0d1813d81d9983cfa99f9ef5328
