CVE-2024-38664

7.8 HIGH

📋 TL;DR

CVE-2024-38664 is a race condition in the Linux kernel's ZynqMP DisplayPort subsystem driver (zynqmp_dpsub), in which a mutex is accessed before it has been initialized. This can cause kernel crashes or denial of service when hotplug detection events occur. Systems running affected Linux kernel versions on ZynqMP hardware are vulnerable.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific versions between initial bug introduction and fix commit 61ba791c4a7a09a370c45b70a81b8c7d4cf6b2ae
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with ZynqMP hardware using the zynqmp_dpsub driver. Embedded systems and devices using Xilinx Zynq UltraScale+ MPSoC are primarily affected.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case

Kernel panic leading to system crash and denial of service, potentially causing data loss or service disruption.

🟠 Likely Case

System instability, kernel warnings in logs, and potential crashes during display hotplug events.

🟢 If Mitigated

Minor performance impact from proper mutex locking with no security compromise.

🌐 Internet-Facing: LOW - This is a local kernel driver issue not directly exploitable over network.
🏢 Internal Only: MEDIUM - Local users or processes triggering display hotplug events could cause system instability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires triggering hotplug detection events on vulnerable hardware. This is a race condition that may be difficult to reliably trigger.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commit 61ba791c4a7a09a370c45b70a81b8c7d4cf6b2ae or backports

Vendor Advisory: https://git.kernel.org/stable/c/603661357056b5e5ba6d86f505fbc936eff396ba

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commit.
2. For embedded systems: update vendor kernel or BSP.
3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable hotplug detection

linux

Prevent the zynqmp_dp_hpd_work_func from being triggered by disabling hotplug detection if supported by hardware.

for f in /sys/class/drm/card*/device/hpd_enable; do [ -w "$f" ] && echo 0 > "$f"; done

Blacklist zynqmp_dpsub module

linux

Prevent loading of the vulnerable driver module if alternative display methods are available.

echo 'blacklist zynqmp_dpsub' >> /etc/modprobe.d/blacklist.conf

🧯 If You Can't Patch

  • Restrict physical access to prevent hotplug events
  • Monitor system logs for lockdep warnings and restart if crashes occur

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if zynqmp_dpsub module is loaded: lsmod | grep zynqmp_dpsub

Check Version:

uname -r

Verify Fix Applied:

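Check that the running kernel contains the fix commit: compare uname -r against the fixed version listed in your distribution or vendor changelog, or, in the git tree the kernel was built from, run git merge-base --is-ancestor 61ba791c4a7a09a370c45b70a81b8c7d4cf6b2ae HEAD && echo fixed (a backport carries a different hash)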

📡 Detection & Monitoring

Log Indicators:

  • DEBUG_LOCKS_WARN_ON messages
  • mutex lock warnings
  • drm_bridge_hpd_notify errors
  • kernel stack traces mentioning zynqmp_dp_hpd_work_func

Network Indicators:

  • None - this is a local kernel issue

SIEM Query:

source="kernel" AND ("DEBUG_LOCKS_WARN_ON" OR "zynqmp_dp_hpd_work_func" OR "drm_bridge_hpd_notify")
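
The query above matches any of the three strings, and DEBUG_LOCKS_WARN_ON is a generic lock-debugging warning that other drivers can raise too. The following is an added example, not part of the original advisory, that counts a warning as relevant only when the trace lines after it name the HPD symbols listed above. The names count_hpd_lock_warnings, sample_log and WINDOW are assumptions, and the sample log lines are constructed.

```shell
#!/bin/sh
# Added example: correlate lock-debugging warnings with the zynqmp_dpsub HPD path.
# WINDOW = how many lines after a warning are inspected (assumed default, tune it).
WINDOW=${WINDOW:-40}

# count_hpd_lock_warnings [FILE...]   (reads stdin when no file is given)
# Prints "<correlated> <unrelated>": DEBUG_LOCKS_WARN_ON events whose next
# WINDOW lines do / do not mention the HPD symbols named in this advisory.
count_hpd_lock_warnings() {
    awk -v window="$WINDOW" '
        /DEBUG_LOCKS_WARN_ON/ {
            if (open && !matched) unrelated++   # previous warning never matched
            open = 1; matched = 0; start = NR
            next
        }
        open && NR - start > window {           # trace window expired
            if (!matched) unrelated++
            open = 0
        }
        open && !matched && /zynqmp_dp_hpd_work_func|drm_bridge_hpd_notify/ {
            matched = 1; correlated++
        }
        END {
            if (open && !matched) unrelated++
            printf "%d %d\n", correlated, unrelated
        }
    ' "$@"
}

# Constructed sample input (not captured from a real system): one warning in
# the HPD work function, one from an unrelated, hypothetical work function.
sample_log() {
    cat <<'EOF'
[  101.000001] ------------[ cut here ]------------
[  101.000002] DEBUG_LOCKS_WARN_ON(lock->magic != lock)
[  101.000003] WARNING: CPU: 0 PID: 42 at kernel/locking/mutex.c __mutex_lock+0x10/0x20
[  101.000004] Workqueue: events zynqmp_dp_hpd_work_func
[  101.000005] Call trace:
[  101.000006]  __mutex_lock+0x10/0x20
[  101.000007]  drm_bridge_hpd_notify+0x10/0x20
[  101.000008]  zynqmp_dp_hpd_work_func+0x10/0x20
[  512.000001] DEBUG_LOCKS_WARN_ON(lock->magic != lock)
[  512.000002] Workqueue: events example_other_work_func
EOF
}
```

On a live system, feed it the kernel log, for example dmesg | count_hpd_lock_warnings; a non-zero first number means the warning occurred in the hotplug path described here.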
