CVE-2024-42106

5.5 MEDIUM

📋 TL;DR

This CVE describes an uninitialized memory access vulnerability in the Linux kernel's inet_diag subsystem. When converting between diagnostic request structures, the 'pad' field in inet_diag_req_v2 is left uninitialized, which raw socket diagnostics then read as protocol information. This affects Linux systems using raw socket diagnostics.
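
The conversion bug described above, as a simplified user-space model in C. This is an added example, not kernel source or the upstream patch: the trimmed struct layouts, the names `legacy_req`, `req_v2`, `convert_vulnerable`, `convert_hardened`, and the `STALE` fill byte are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Trimmed, hypothetical models of the two request layouts (not kernel headers). */
struct legacy_req { uint8_t family, ext; uint32_t states; };
struct req_v2 {
    uint8_t  sdiag_family, sdiag_protocol, idiag_ext;
    uint8_t  pad;            /* raw socket diagnostics read this as a protocol */
    uint32_t idiag_states;
};

#define STALE 0xAA           /* constructed stand-in for leftover stack bytes */

/* Vulnerable pattern: field-by-field copy that never writes 'pad'. */
static void convert_vulnerable(const struct legacy_req *in, uint8_t proto,
                               struct req_v2 *out)
{
    out->sdiag_family   = in->family;
    out->sdiag_protocol = proto;
    out->idiag_ext      = in->ext;
    out->idiag_states   = in->states;
}

/* Hardened pattern: clear the whole structure, then fill in known fields. */
static void convert_hardened(const struct legacy_req *in, uint8_t proto,
                             struct req_v2 *out)
{
    memset(out, 0, sizeof(*out));
    convert_vulnerable(in, proto, out);
}

/* Returns the value a consumer that trusts 'pad' would see after conversion. */
uint8_t pad_seen_by_raw_diag(int hardened)
{
    struct legacy_req in = { .family = 2 /* AF_INET */, .ext = 0, .states = ~0u };
    struct req_v2 out;

    memset(&out, STALE, sizeof(out));   /* simulate reused, unzeroed stack */
    if (hardened)
        convert_hardened(&in, 255 /* IPPROTO_RAW */, &out);
    else
        convert_vulnerable(&in, 255, &out);
    return out.pad;
}

int main(void)
{
    printf("vulnerable: pad=0x%02x\n", pad_seen_by_raw_diag(0));
    printf("hardened:   pad=0x%02x\n", pad_seen_by_raw_diag(1));
    return 0;
}
```

In the vulnerable path the consumer sees whatever bytes were already in that storage; in the hardened path it always sees zero.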

💻 Affected Systems

Products:
  • Linux kernel
Versions: Versions before the fix commits (specific affected range depends on distribution backports)
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires raw socket diagnostics functionality to be accessed. Not all systems use this feature by default.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel memory disclosure leading to information leakage, potential kernel panic or denial of service, and possible privilege escalation if combined with other vulnerabilities.

🟠 Likely Case: Information disclosure of kernel memory contents, potential kernel crash or instability when raw socket diagnostics are used.

🟢 If Mitigated: Minimal impact if raw socket diagnostics are not used or access is restricted.

🌐 Internet-Facing: LOW - Requires local access or specific diagnostic requests to trigger.
🏢 Internal Only: MEDIUM - Local users or processes with CAP_NET_ADMIN or diagnostic access could trigger the vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access and ability to make specific diagnostic requests. The vulnerability was discovered through KMSAN (Kernel Memory Sanitizer) testing.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 0184bf0a349f4cf9e663abbe862ff280e8e4dfa2, 61cf1c739f08190a4cbf047b9fbb192a94d87e3f, 7094a5fd20ab66028f1da7f06e0f2692d70346f9, 76965648fe6858db7c5f3c700fef7aa5f124ca1c, 7ef519c8efde152e0d632337f2994f6921e0b7e4

Vendor Advisory: https://git.kernel.org/stable/c/0184bf0a349f4cf9e663abbe862ff280e8e4dfa2

Restart Required: Yes

Instructions:

1. Update to a kernel version containing the fix commits.
2. Check your distribution's security advisories for backported patches.
3. Reboot the system after kernel update.

🔧 Temporary Workarounds

Restrict raw socket diagnostics access

linux

Limit access to raw socket diagnostic functionality to prevent triggering the vulnerability.

sysctl -w net.ipv4.raw_l3mdev_accept=0

Restrict CAP_NET_ADMIN capabilities

🧯 If You Can't Patch

  • Restrict user access to diagnostic tools that use raw socket functionality
  • Implement strict capability controls to limit CAP_NET_ADMIN access

🔍 How to Verify

Check if Vulnerable:

Check the kernel version and whether it contains the fix commits: run uname -r and compare the result with your distribution's security advisories.

Check Version:

uname -r

Verify Fix Applied:

Verify that the kernel version is updated and contains the fix commits. Check /proc/version or use the package manager to verify the kernel package.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic logs
  • KMSAN error reports in dmesg
  • Unexpected raw socket diagnostic requests

Network Indicators:

  • Unusual raw socket diagnostic traffic

SIEM Query:

Process execution of diagnostic tools with raw socket access OR kernel logs containing 'KMSAN' or 'uninit-value' errors
