CVE-2024-42094
📋 TL;DR
This CVE describes a stack overflow vulnerability in the Linux kernel's net/iucv component when CONFIG_CPUMASK_OFFSTACK=y is configured. The vulnerability occurs due to improper cpumask variable allocation on the stack, which could lead to kernel crashes or potential privilege escalation. Systems running affected Linux kernel versions with the IUCV networking feature enabled and CONFIG_CPUMASK_OFFSTACK=y are vulnerable.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash, or potential privilege escalation to kernel mode allowing complete system compromise.
Likely Case
Kernel crash causing system instability or denial of service, requiring reboot to restore functionality.
If Mitigated
No impact if CONFIG_CPUMASK_OFFSTACK=y is not enabled or IUCV networking is not used.
🎯 Exploit Status
Exploitation requires local access and specific kernel configuration. The vulnerability is in a niche networking component (IUCV) primarily used in mainframe environments.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check kernel commit 0af718a690acc089aa1bbb95a93df833d864ef53 and related commits
Vendor Advisory: https://git.kernel.org/stable/c/0af718a690acc089aa1bbb95a93df833d864ef53
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version containing commit 0af718a690acc089aa1bbb95a93df833d864ef53.
2. Reboot system to load new kernel.
3. Verify kernel version after reboot.
🔧 Temporary Workarounds
Disable CONFIG_CPUMASK_OFFSTACK
Set CONFIG_CPUMASK_OFFSTACK=n in kernel configuration to avoid vulnerable code path
Edit kernel config file and set CONFIG_CPUMASK_OFFSTACK=n
Recompile and install kernel if using custom build
Disable IUCV networking
Remove or disable IUCV networking module if not required
modprobe -r iucv
Add 'blacklist iucv' to /etc/modprobe.d/blacklist.conf
🧯 If You Can't Patch
- Disable IUCV networking module if not required for operations
- Ensure CONFIG_CPUMASK_OFFSTACK is disabled in kernel configuration
🔍 How to Verify
Check if Vulnerable:
Check kernel version and configuration:
1. Check if IUCV module is loaded: lsmod | grep iucv
2. Check kernel config: grep CONFIG_CPUMASK_OFFSTACK /boot/config-$(uname -r)
Check Version:
uname -r
Verify Fix Applied:
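Verify kernel contains fix commit:
1. Check kernel version: uname -r
2. Verify commit exists: git log --oneline --no-abbrev-commit | grep '0af718a690acc089aa1bbb95a93df833d864ef53' (if kernel source available; --no-abbrev-commit is needed because --oneline alone prints abbreviated hashes that the full hash never matches)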
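The two exposure conditions above (CONFIG_CPUMASK_OFFSTACK=y and IUCV in use) can be evaluated together from collected evidence. The script below is an added example, not part of the original advisory; it assumes CONFIG_IUCV is the Kconfig symbol behind the iucv module, reads a /proc/modules-style listing, and uses constructed sample files. It reports configuration exposure only and says nothing about whether the fix commit is present.

```shell
#!/bin/sh
# Added example (not from the advisory): classify exposure to CVE-2024-42094
# from a kernel config file and a /proc/modules-style listing.

# config_value FILE OPTION: print y, m, n ("is not set") or "absent".
config_value() {
    awk -v opt="$2" '
        index($0, opt "=") == 1          { v = substr($0, length(opt) + 2) }
        $0 == ("# " opt " is not set")   { v = "n" }
        END                              { print (v == "" ? "absent" : v) }
    ' "$1"
}

# module_loaded FILE NAME: succeed if NAME is the first field of any line.
module_loaded() {
    awk -v m="$2" '$1 == m { found = 1 } END { exit !found }' "$1"
}

# iucv_exposure CONFIG MODULES: print exposed, latent or not-affected.
iucv_exposure() {
    offstack=$(config_value "$1" CONFIG_CPUMASK_OFFSTACK)
    iucv=$(config_value "$1" CONFIG_IUCV)   # assumption: symbol for the iucv module
    if [ "$offstack" != "y" ]; then
        echo not-affected                   # page: no impact without OFFSTACK=y
    elif [ "$iucv" = "y" ]; then
        echo exposed                        # built in, cannot be unloaded
    elif [ "$iucv" = "m" ] && module_loaded "$2" iucv; then
        echo exposed                        # module built and currently loaded
    elif [ "$iucv" = "m" ]; then
        echo latent                         # loadable on demand: blacklist it
    else
        echo not-affected                   # IUCV not built for this kernel
    fi
}

# Constructed sample evidence (not taken from a real host).
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
printf '%s\n' 'CONFIG_CPUMASK_OFFSTACK=y' 'CONFIG_IUCV=m' 'CONFIG_AFIUCV=m' > "$demo_dir/config"
printf '%s\n' 'af_iucv 57344 0 - Live 0x0' 'iucv 53248 1 af_iucv, Live 0x0' > "$demo_dir/modules"
printf '%s\n' 'qeth 155648 0 - Live 0x0' > "$demo_dir/modules_clean"

echo "loaded:   $(iucv_exposure "$demo_dir/config" "$demo_dir/modules")"
echo "unloaded: $(iucv_exposure "$demo_dir/config" "$demo_dir/modules_clean")"
```

On a live host the same function can be called as `iucv_exposure "/boot/config-$(uname -r)" /proc/modules`.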
📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages in /var/log/kern.log or dmesg
- System crash/reboot events without clear cause
- IUCV-related error messages
Network Indicators:
- Unusual IUCV protocol activity if monitored
SIEM Query:
source="kernel" AND ("panic" OR "Oops" OR "general protection fault") AND process="iucv"
🔗 References
- https://git.kernel.org/stable/c/0af718a690acc089aa1bbb95a93df833d864ef53
- https://git.kernel.org/stable/c/2b085521be5292016097b5e7ca81b26be3f7098d
- https://git.kernel.org/stable/c/2d090c7f7be3b26fcb80ac04d08a4a8062b1d959
- https://git.kernel.org/stable/c/724e7965af054079242b8d6f7e50ee226730a756
- https://git.kernel.org/stable/c/842afb47d84536fc976fece8fb6c54bea711ad1a
- https://git.kernel.org/stable/c/9dadab0db7d904413ea1cdaa13f127da05c31e71
- https://git.kernel.org/stable/c/be4e1304419c99a164b4c0e101c7c2a756b635b9
- https://git.kernel.org/stable/c/d85ca8179a54ff8cf1e1f8c3c9e3799831319bae
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html