CVE-2024-39502
📋 TL;DR
This is a use-after-free vulnerability in the Linux kernel's ionic network driver where netif_napi_del() doesn't properly reset the .poll pointer, allowing napi_enable() to be called on already-freed memory. This affects systems using the ionic driver for network interfaces and can cause kernel panics.
💻 Affected Systems
- Linux kernel with ionic network driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially causing data loss or service disruption.
Likely Case
System crash or kernel panic when network queue configuration is changed via ethtool commands, resulting in temporary denial of service.
If Mitigated
No impact if the vulnerability is patched or the ionic driver is not in use.
🎯 Exploit Status
Exploitation requires ability to execute ethtool commands with specific parameters. Local access or remote access with appropriate privileges needed.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in kernel commits: 0d19267cb150e8f76ade210e16ee820a77f684e7, 183ebc167a8a19e916b885d4bb61a3491991bfa5, 60cd714871cd5a683353a355cbb17a685245cf84, 79f18a41dd056115d685f3b0a419c7cd40055e13, 8edd18dab443863e9e48f084e7f123fca3065e4e
Vendor Advisory: https://git.kernel.org/stable/c/0d19267cb150e8f76ade210e16ee820a77f684e7
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commits. 2. Check your distribution's security advisories for specific patched kernel versions. 3. Reboot system after kernel update.
🔧 Temporary Workarounds
Disable ionic driver
linuxBlacklist or disable the ionic network driver if not needed
echo 'blacklist ionic' >> /etc/modprobe.d/blacklist.conf
update-initramfs -u
reboot
Restrict ethtool access
linuxLimit who can execute ethtool commands to prevent triggering the vulnerability
chmod 750 /sbin/ethtool
setcap cap_net_admin+ep /sbin/ethtool
🧯 If You Can't Patch
- Avoid using ethtool to reconfigure network queues on systems with ionic driver
- Implement strict access controls to prevent unauthorized users from running ethtool commands
🔍 How to Verify
Check if Vulnerable:
Check if ionic driver is loaded: lsmod | grep ionic. If loaded, check kernel version against patched versions.Check Version:
uname -rVerify Fix Applied:
Verify kernel version includes the fix commits or check with your distribution's security advisory. Test ethtool queue reconfiguration after patch.📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages mentioning napi_enable or ionic driver
- System crash logs with stack traces showing ionic_qcq_enable
Network Indicators:
- Sudden network interface disappearance
- Unexpected system reboots after network configuration changes
SIEM Query:
event_type:kernel_panic AND (message:*napi_enable* OR message:*ionic*)🔗 References
- https://git.kernel.org/stable/c/0d19267cb150e8f76ade210e16ee820a77f684e7
- https://git.kernel.org/stable/c/183ebc167a8a19e916b885d4bb61a3491991bfa5
- https://git.kernel.org/stable/c/60cd714871cd5a683353a355cbb17a685245cf84
- https://git.kernel.org/stable/c/79f18a41dd056115d685f3b0a419c7cd40055e13
- https://git.kernel.org/stable/c/8edd18dab443863e9e48f084e7f123fca3065e4e
- https://git.kernel.org/stable/c/a87d72b37b9ec2c1e18fe36b09241d8b30334a2e
- https://git.kernel.org/stable/c/ff9c2a9426ecf5b9631e9fd74993b357262387d6
- https://git.kernel.org/stable/c/0d19267cb150e8f76ade210e16ee820a77f684e7
- https://git.kernel.org/stable/c/183ebc167a8a19e916b885d4bb61a3491991bfa5
- https://git.kernel.org/stable/c/60cd714871cd5a683353a355cbb17a685245cf84
- https://git.kernel.org/stable/c/79f18a41dd056115d685f3b0a419c7cd40055e13
- https://git.kernel.org/stable/c/8edd18dab443863e9e48f084e7f123fca3065e4e
- https://git.kernel.org/stable/c/a87d72b37b9ec2c1e18fe36b09241d8b30334a2e
- https://git.kernel.org/stable/c/ff9c2a9426ecf5b9631e9fd74993b357262387d6
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
