CVE-2024-42129
📋 TL;DR
This CVE describes a use-after-free vulnerability in the Linux kernel's mlxreg LED driver. When the driver module is removed, a mutex is destroyed while LED cleanup functions still need to access it, potentially causing kernel crashes or instability. This affects systems using Mellanox hardware with the mlxreg LED driver loaded.
💻 Affected Systems
- Linux kernel with mlxreg LED driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Kernel panic or system crash leading to denial of service and potential data loss.
Likely Case
System instability or kernel oops when unloading the mlxreg LED driver module.
If Mitigated
No impact if the driver module is not loaded or if a patched kernel is used.
🎯 Exploit Status
Requires local access and ability to unload kernel modules. Likely discovered through code review rather than active exploitation.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing commits: 172ffd26a5af13e951d0e82df7cfc5a95b04fa80, 3b62888307ae44b68512d3f7735c26a4c8e45b51, 618c6ce83471ab4f7ac744d27b9d03af173bc141, efc347b9efee1c2b081f5281d33be4559fa50a16
Vendor Advisory: https://git.kernel.org/stable/c/172ffd26a5af13e951d0e82df7cfc5a95b04fa80
Restart Required: Yes
Instructions:
1. Update the Linux kernel to the patched version from your distribution vendor.
2. Reboot the system to load the new kernel.
🔧 Temporary Workarounds
Unload mlxreg LED driver
Prevent exploitation by unloading the vulnerable driver module
sudo rmmod mlxreg-led
Blacklist mlxreg LED driver
Prevent the driver from loading at boot
echo 'blacklist mlxreg-led' | sudo tee /etc/modprobe.d/mlxreg-led-blacklist.conf
🧯 If You Can't Patch
- Unload mlxreg-led module if not required for system functionality
- Restrict module loading permissions to prevent unauthorized module manipulation
🔍 How to Verify
Check if Vulnerable:
Check if the mlxreg-led module is loaded (lsmod prints module names with underscores, so match on the common prefix): lsmod | grep mlxreg
Check Version:
uname -r
Verify Fix Applied:
Check kernel version against patched versions from your distribution vendor
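The following script is an added example, not part of the advisory, that turns the "Check if Vulnerable" step and the blacklist workaround above into repeatable checks. It assumes the module name used on this page (mlxreg-led, which lsmod displays as mlxreg_led; the in-tree source is drivers/leds/leds-mlxreg.c, so confirm the name against your kernel build and adjust MODULE_NAME if it differs) and that blacklist entries live under /etc/modprobe.d. The lsmod sample in the default branch is constructed so the logic can be exercised without Mellanox hardware; pass --live to query the running system.

```shell
#!/bin/sh
# Added example (not from the advisory): offline-testable checks for the
# mlxreg-led workaround state. MODULE_NAME is an assumption taken from the
# page's naming; lsmod prints module names with underscores, so hyphens are
# normalised before matching.
MODULE_NAME="mlxreg_led"

# Returns 0 when the given lsmod output lists the module, 1 otherwise.
mlxreg_led_loaded() {
    printf '%s\n' "$1" | tr '-' '_' | grep -q "^${MODULE_NAME}[[:space:]]"
}

# Returns 0 when any file under the given modprobe.d directory carries a
# "blacklist mlxreg-led" (or mlxreg_led) line, 1 otherwise.
mlxreg_led_blacklisted() {
    grep -rqsE "^[[:space:]]*blacklist[[:space:]]+mlxreg[-_]led[[:space:]]*$" "$1"
}

# Prints one of LOADED, BLACKLISTED or NOT_LOADED.
# $1: lsmod output, $2: modprobe.d directory.
mlxreg_led_status() {
    if mlxreg_led_loaded "$1"; then
        echo LOADED
    elif mlxreg_led_blacklisted "$2"; then
        echo BLACKLISTED
    else
        echo NOT_LOADED
    fi
}

# --live queries the running system; the default branch uses constructed
# data so the checks can be run on any machine.
if [ "${1:-}" = "--live" ]; then
    echo "kernel: $(uname -r)"
    echo "mlxreg-led: $(mlxreg_led_status "$(lsmod)" /etc/modprobe.d)"
else
    # Constructed lsmod excerpt, not captured from a real host.
    sample_lsmod='Module                  Size  Used by
mlxreg_led             16384  0
ext4                 1048576  1'
    echo "constructed sample: $(mlxreg_led_status "$sample_lsmod" /etc/modprobe.d)"
fi
```

LOADED means the workaround is not in place; BLACKLISTED means the module is not loaded now and will not load at boot; NOT_LOADED means it is absent now but could still be loaded on the next boot or by modprobe. The kernel version printed in --live mode still has to be compared by hand against the patched versions published by your distribution vendor.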
📡 Detection & Monitoring
Log Indicators:
- Kernel oops messages in /var/log/kern.log or dmesg
- System crash logs when unloading mlxreg-led module
Network Indicators:
- None - local vulnerability only
SIEM Query:
Search for kernel panic or oops events related to mlxreg-led or mutex operations
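As an added example for the log indicators and SIEM query above (not taken from the advisory), this script correlates a kernel crash or lock-debugging marker with an mlxreg-led frame in the trace lines that follow it, which is what a use-after-free on the driver's mutex would leave behind. The sample kern.log excerpt is constructed: the addresses and the frame symbol are illustrative, and only the bracketed [mlxreg_led] module tag is what the matching relies on. WINDOW (how many lines after a marker to inspect) is an assumption, not a value from the page.

```shell
#!/bin/sh
# Added example (not from the advisory): correlate oops/panic markers with
# mlxreg-led frames in the following trace lines. Reads kern.log or dmesg
# text on stdin and prints one ALERT line per crash that involves the driver.
# WINDOW is an assumption: trace lines after a marker that are inspected.
WINDOW=25

scan_kern_log() {
    awk -v window="$WINDOW" '
        # A crash or lock-debugging marker opens a correlation window.
        /BUG:|Oops:|Kernel panic|WARNING:|DEBUG_LOCKS_WARN_ON/ {
            marker = NR; mline = $0
        }
        # An mlxreg-led frame inside the window is reported once per marker;
        # a driver message with no preceding marker (e.g. normal registration)
        # is ignored, which keeps the benign first sample line quiet.
        marker && NR - marker <= window && /mlxreg[-_]led/ {
            if (!reported[marker]++) print "ALERT: " mline " | " $0
        }
    '
}

# Number of ALERT lines for the stream on stdin (0 when nothing matched).
count_alerts() {
    scan_kern_log | awk 'END { print NR + 0 }'
}

# Constructed kern.log excerpt, not real output: one benign driver line, one
# oops whose trace passes through the driver, and one lock warning without
# any driver frame.
SAMPLE_LOG='Jan 10 10:00:01 host kernel: mlxreg-led mlxreg-led: driver registered
Jan 10 10:00:02 host kernel: usb 1-1: new high-speed USB device number 3
Jan 10 10:05:00 host kernel: BUG: unable to handle page fault for address: ffff888000000000
Jan 10 10:05:00 host kernel: RIP: 0010:mutex_lock+0x1a/0x40
Jan 10 10:05:00 host kernel: Call Trace:
Jan 10 10:05:00 host kernel:  mlxreg_led_remove+0x45/0x60 [mlxreg_led]
Jan 10 10:05:00 host kernel:  platform_remove+0x2a/0x50
Jan 10 10:05:01 host kernel: DEBUG_LOCKS_WARN_ON(lock->magic != lock)
Jan 10 10:05:01 host kernel:  mutex_lock+0x1a/0x40
Jan 10 10:06:00 host kernel: ext4: mounted filesystem'

# --live scans the running kernel log; the default scans the constructed sample.
if [ "${1:-}" = "--live" ]; then
    dmesg | scan_kern_log
else
    printf '%s\n' "$SAMPLE_LOG" | scan_kern_log
fi
```

The same two-stage pattern (a marker line, then a driver frame within a short window) is what the SIEM query should express; matching on "mlxreg" alone would also fire on ordinary driver registration messages at boot.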
🔗 References
- https://git.kernel.org/stable/c/172ffd26a5af13e951d0e82df7cfc5a95b04fa80
- https://git.kernel.org/stable/c/3b62888307ae44b68512d3f7735c26a4c8e45b51
- https://git.kernel.org/stable/c/618c6ce83471ab4f7ac744d27b9d03af173bc141
- https://git.kernel.org/stable/c/efc347b9efee1c2b081f5281d33be4559fa50a16
- https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html