CVE-2024-41092
📋 TL;DR
This CVE describes a use-after-free vulnerability in the Linux kernel's i915 graphics driver. It allows local attackers to potentially crash the system or execute arbitrary code by exploiting a race condition during fence register revocation. Affected systems are those running vulnerable Linux kernel versions with Intel integrated graphics.
💻 Affected Systems
- Linux kernel with Intel i915 graphics driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Local privilege escalation to kernel-level code execution, leading to complete system compromise.
Likely Case
Kernel panic or system crash causing denial of service.
If Mitigated
System remains stable with proper patching; unpatched systems risk crashes during graphics operations.
🎯 Exploit Status
Exploitation requires local access and knowledge of kernel internals. Race condition makes timing-dependent exploitation challenging.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Linux kernel with commit 24bb052d3dd4 or later
Vendor Advisory: https://git.kernel.org/stable/c/24bb052d3dd499c5956abad5f7d8e4fd07da7fb1
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing fix commit 24bb052d3dd4
2. Reboot system to load new kernel
3. Verify kernel version with 'uname -r'
🔧 Temporary Workarounds
Disable i915 driver
linuxPrevent loading of vulnerable i915 graphics driver
echo 'blacklist i915' >> /etc/modprobe.d/blacklist-i915.conf
update-initramfs -u
reboot
🧯 If You Can't Patch
- Restrict local user access to systems with vulnerable kernels
- Monitor for kernel panic logs and investigate any crashes related to i915 driver
🔍 How to Verify
Check if Vulnerable:
Check if kernel version is between affected commits: 'uname -r' and compare with kernel git historyCheck Version:
uname -rVerify Fix Applied:
Verify kernel contains commit 24bb052d3dd4: 'git log --oneline | grep 24bb052d3dd4' or check kernel version is newer than fix📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages containing 'i915_vma_revoke_fence'
- GEM_BUG_ON errors in dmesg
- System crashes during graphics operations
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("i915_vma_revoke_fence" OR "GEM_BUG_ON" OR "kernel BUG at drivers/gpu/drm/i915/gt/intel_ggtt_fencing.c")🔗 References
- https://git.kernel.org/stable/c/06dec31a0a5112a91f49085e8a8fa1a82296d5c7
- https://git.kernel.org/stable/c/29c0fdf49078ab161570d3d1c6e13d66f182717d
- https://git.kernel.org/stable/c/414f4a31f7a811008fd9a33b06216b060bad18fc
- https://git.kernel.org/stable/c/996c3412a06578e9d779a16b9e79ace18125ab50
- https://git.kernel.org/stable/c/ca0fabd365a27a94a36e68a7a02df8ff3c13dac6
- https://git.kernel.org/stable/c/f771b91f21c46ad1217328d05e72a2c7e3add535
- https://git.kernel.org/stable/c/06dec31a0a5112a91f49085e8a8fa1a82296d5c7
- https://git.kernel.org/stable/c/29c0fdf49078ab161570d3d1c6e13d66f182717d
- https://git.kernel.org/stable/c/414f4a31f7a811008fd9a33b06216b060bad18fc
- https://git.kernel.org/stable/c/996c3412a06578e9d779a16b9e79ace18125ab50
- https://git.kernel.org/stable/c/ca0fabd365a27a94a36e68a7a02df8ff3c13dac6
- https://git.kernel.org/stable/c/f771b91f21c46ad1217328d05e72a2c7e3add535
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
