CVE-2024-42096

5.5 MEDIUM

📋 TL;DR

This CVE describes a kernel memory access vulnerability in the Linux kernel's profile_pc() function that improperly accesses stack memory. It affects Linux systems using timer-based profiling and could allow information disclosure or kernel crashes. The vulnerability primarily impacts systems with specific kernel configurations and profiling enabled.

💻 Affected Systems

Products:
  • Linux Kernel
Versions: Multiple versions prior to fixes in stable kernel trees (specific commits listed in references)
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when timer-based profiling is enabled (CONFIG_PROFILING). Most distributions disable this by default.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case

Kernel panic or system crash leading to denial of service, or potential information disclosure of kernel stack memory contents.

🟠 Likely Case

Kernel Address Sanitizer (KASAN) warnings and potential system instability when profiling is active, but no direct remote exploitation.

🟢 If Mitigated

Minimal impact as most systems don't use timer-based profiling by default; KASAN warnings are the primary observable effect.

🌐 Internet-Facing: LOW - This is a local kernel vulnerability requiring local access or kernel-level execution.
🏢 Internal Only: MEDIUM - Could be exploited by malicious local users or through kernel-level vulnerabilities to cause system instability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH - Requires local access and specific kernel configuration

Primarily causes KASAN warnings and has been reported by the syzkaller fuzzer for years. No known active exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Multiple stable kernel versions with commits listed in references

Vendor Advisory: https://git.kernel.org/stable/c/093d9603b60093a9aaae942db56107f6432a5dca

Restart Required: Yes

Instructions:

1. Update to a patched kernel version from your distribution vendor.
2. Reboot the system.
3. Verify that the running kernel version matches the patched release.

🔧 Temporary Workarounds

Disable timer-based profiling

Disable the CONFIG_PROFILING kernel configuration option to remove the vulnerable code path, then rebuild and install the kernel (commands run from the kernel source tree):

echo 'CONFIG_PROFILING=n' >> .config
make oldconfig
make -j$(nproc)
make modules_install
make install

🧯 If You Can't Patch

  • Ensure CONFIG_PROFILING is disabled in kernel configuration
  • Restrict local user access and monitor for KASAN warnings in kernel logs

🔍 How to Verify

Check if Vulnerable:

Check kernel config for CONFIG_PROFILING=y and kernel version against affected ranges

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated to include one of the fix commits, or CONFIG_PROFILING is disabled

📡 Detection & Monitoring

Log Indicators:

  • KASAN warnings in kernel logs (dmesg)
  • System instability or crashes when profiling is active

Network Indicators:

  • None - this is a local kernel vulnerability

SIEM Query:

Search for 'KASAN' or 'profile_pc' in kernel logs
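
The checks described under "How to Verify" and "Detection & Monitoring", as an added shell example that is not part of the original advisory. The function names and the sample config and log lines are constructed for illustration; on a live host the config is typically /boot/config-$(uname -r) or /proc/config.gz, and the log comes from dmesg.

```shell
#!/bin/sh
# Added example (not from the advisory): function names and sample data
# below are constructed for illustration.

# Print a kernel config, plain or gzip-compressed (e.g. /proc/config.gz).
read_config() {
    case "$1" in
        *.gz) gzip -dc "$1" ;;
        *)    cat "$1" ;;
    esac
}

# Exit 0 if the config builds in CONFIG_PROFILING, non-zero otherwise.
profiling_enabled() {
    read_config "$1" | grep -qx 'CONFIG_PROFILING=y'
}

# Count KASAN report lines on stdin that name profile_pc.
kasan_profile_pc_hits() {
    grep -c 'KASAN:.*profile_pc' || true
}

# assess <config-file> <kernel-log-file>: one-line summary of both checks.
assess() {
    if profiling_enabled "$1"; then state=profiling-enabled
    else state=profiling-disabled; fi
    echo "$state kasan_profile_pc_hits=$(kasan_profile_pc_hits < "$2")"
}

# Write constructed sample inputs into directory $1.
write_samples() {
    printf '%s\n' 'CONFIG_MODULES=y' 'CONFIG_PROFILING=y' > "$1/config-on"
    printf '%s\n' 'CONFIG_MODULES=y' '# CONFIG_PROFILING is not set' > "$1/config-off"
    printf '%s\n' \
        '[  101.000001] BUG: KASAN: stack-out-of-bounds in profile_pc+0x5b/0x90' \
        '[  101.000002] Read of size 8 at addr ffff888000000000 by task demo/1' \
        '[  250.000001] BUG: KASAN: slab-out-of-bounds in other_func+0x10/0x20' > "$1/kern.log"
    : > "$1/clean.log"
}

tmp=$(mktemp -d)
write_samples "$tmp"
assess "$tmp/config-on"  "$tmp/kern.log"    # profiling-enabled kasan_profile_pc_hits=1
assess "$tmp/config-off" "$tmp/clean.log"   # profiling-disabled kasan_profile_pc_hits=0
rm -rf "$tmp"
```

Matching on the KASAN report line that names profile_pc, rather than on any KASAN line, keeps unrelated sanitizer reports out of the count.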

🔗 References
