CVE-2024-40976 – A race condition vulnerability in the Linux ker... (How to Fix)

Q: What is the severity of CVE-2024-40976?

CVE-2024-40976 has a CVSS score of 5.5 (MEDIUM). A race condition vulnerability in the Linux kernel's Lima GPU driver allows a rendering job to complete after timeout handling begins but before hard reset, potentially causing refcount imbalances and system instability. This affects Linux systems using the Lima driver for ARM Mali GPUs. The vulnerability could lead to kernel warnings or crashes.

📋 TL;DR

A race condition vulnerability in the Linux kernel's Lima GPU driver allows a rendering job to complete after timeout handling begins but before hard reset, potentially causing refcount imbalances and system instability. This affects Linux systems using the Lima driver for ARM Mali GPUs. The vulnerability could lead to kernel warnings or crashes.

💻 Affected Systems

Products:

Linux kernel with Lima GPU driver

Versions: Linux kernel versions before the fix commits (specific versions vary by distribution)

Operating Systems: Linux distributions with Lima driver support

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems using Lima driver for ARM Mali GPUs (typically ARM-based systems). Requires GPU rendering operations.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic or system crash due to refcount imbalance leading to memory corruption or instability.

🟠

Likely Case

Kernel warning messages in logs and potential GPU driver instability requiring system reboot.

🟢

If Mitigated

Minor performance impact from timeout handling with no security compromise.

🌐 Internet-Facing: LOW - Requires local access to trigger GPU operations.

🏢 Internal Only: MEDIUM - Local users or processes could trigger the condition, potentially causing system instability.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: NO

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access and ability to trigger GPU rendering operations that can timeout. More likely to be triggered accidentally than maliciously.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Linux kernel with commit 03e7b2f7ae4c0ae5fb8e4e2454ba4008877f196a or later

Vendor Advisory: https://git.kernel.org/stable/c/03e7b2f7ae4c0ae5fb8e4e2454ba4008877f196a

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commit. 2. Check distribution-specific security advisories. 3. Reboot system after kernel update.

🔧 Temporary Workarounds

Disable Lima GPU driver

linux

Remove or blacklist the Lima driver module to prevent GPU acceleration but avoid vulnerability

echo 'blacklist lima' >> /etc/modprobe.d/blacklist-lima.conf
update-initramfs -u
reboot

🧯 If You Can't Patch

Restrict local user access to systems using Lima GPU driver
Monitor system logs for Lima driver warnings and restart affected services

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if Lima driver is loaded: 'lsmod | grep lima' and 'uname -r'

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commit or check with 'modinfo lima | grep version'

📡 Detection & Monitoring

Log Indicators:

Kernel warnings mentioning 'lima_devfreq_record_idle'
GPU timeout messages in dmesg
Refcount imbalance warnings

Network Indicators:

None - local vulnerability only

SIEM Query:

source="kernel" AND ("lima_devfreq_record_idle" OR "lima_sched_pipe_task_done" OR "WARNING: CPU:")

📊 Metadata

CVE ID: CVE-2024-40976

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-362

Published: July 12, 2024

Last Updated: November 3, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-40976, you might also want to check these: