CVE-2024-42123 – This CVE describes a double-free vulnerability ... (How to Fix)

Q: What is the severity of CVE-2024-42123?

CVE-2024-42123 has a CVSS score of 4.4 (MEDIUM). This CVE describes a double-free vulnerability in the AMD GPU driver within the Linux kernel. When triggered, it could cause kernel crashes or potentially allow local privilege escalation. Systems running Linux with AMD GPUs and the affected kernel versions are vulnerable.

📋 TL;DR

This CVE describes a double-free vulnerability in the AMD GPU driver within the Linux kernel. When triggered, it could cause kernel crashes or potentially allow local privilege escalation. Systems running Linux with AMD GPUs and the affected kernel versions are vulnerable.

💻 Affected Systems

Products:

Linux kernel with AMD GPU driver (drm/amdgpu)

Versions: Specific kernel versions containing the vulnerable code (check git commits for exact ranges)

Operating Systems: Linux distributions with affected kernel versions

Default Config Vulnerable: ⚠️ Yes

Notes: Requires AMD GPU hardware and the amdgpu driver to be loaded and active.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local privilege escalation leading to full system compromise, or kernel panic causing system instability and denial of service.

🟠

Likely Case

Kernel crash or system instability when the AMD GPU driver handles bad memory pages during polling operations.

🟢

If Mitigated

Minor system instability or warning messages in kernel logs without significant impact.

🌐 Internet-Facing: LOW - This is a local vulnerability requiring access to the system.

🏢 Internal Only: MEDIUM - Local users or processes could potentially exploit this to escalate privileges or cause denial of service.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires local access and specific conditions to trigger the double-free condition during bad page polling.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits 506c245f3f1cd989cb89811a7f06e04ff8813a0d and 8e24beb3c2b08a4763f920399a9cc577ed440a1a

Vendor Advisory: https://git.kernel.org/stable/c/506c245f3f1cd989cb89811a7f06e04ff8813a0d

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version. 2. Reboot system. 3. Verify kernel version and that amdgpu module loads correctly.

🔧 Temporary Workarounds

Disable AMD GPU driver

linux

Temporarily disable the vulnerable amdgpu driver if AMD GPU is not essential

echo 'blacklist amdgpu' >> /etc/modprobe.d/blacklist.conf
update-initramfs -u
reboot

🧯 If You Can't Patch

Restrict local user access to systems with AMD GPUs
Monitor kernel logs for double-free warnings related to amdgpu

🔍 How to Verify

Check if Vulnerable:

Check kernel version and verify if amdgpu module is loaded: lsmod | grep amdgpu

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated and check dmesg for absence of double-free warnings related to amdgpu_umc

📡 Detection & Monitoring

Log Indicators:

Kernel panic messages
Double-free warnings in dmesg
amdgpu driver crash logs

Network Indicators:

None - local vulnerability only

SIEM Query:

source="kernel" AND ("double free" OR "amdgpu" OR "kernel panic")

📊 Metadata

CVE ID: CVE-2024-42123

CVSS v3 Score: 4.4 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-415

Published: July 30, 2024

Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-42123, you might also want to check these: