CVE-2024-42277 – A NULL pointer dereference vulnerability in the... (How to Fix)

Q: What is the severity of CVE-2024-42277?

CVE-2024-42277 has a CVSS score of 5.5 (MEDIUM). A NULL pointer dereference vulnerability in the Linux kernel's Spreadtrum IOMMU driver allows local attackers to cause a kernel panic or system crash. This affects Linux systems using the sprd-iommu driver, primarily on devices with Spreadtrum chipsets. Attackers need local access to trigger the vulnerability.

📋 TL;DR

A NULL pointer dereference vulnerability in the Linux kernel's Spreadtrum IOMMU driver allows local attackers to cause a kernel panic or system crash. This affects Linux systems using the sprd-iommu driver, primarily on devices with Spreadtrum chipsets. Attackers need local access to trigger the vulnerability.

💻 Affected Systems

Products:

Linux kernel with Spreadtrum IOMMU driver (sprd-iommu)

Versions: Linux kernel versions containing the vulnerable sprd-iommu driver code before the fix commits

Operating Systems: Linux distributions using affected kernel versions

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems with Spreadtrum hardware using the sprd-iommu driver. Most general-purpose Linux distributions are not affected unless specifically built for Spreadtrum devices.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to denial of service (system crash), potentially causing data loss or service disruption.

🟠

Likely Case

Local denial of service through kernel panic when the vulnerable cleanup function is called.

🟢

If Mitigated

Minimal impact with proper access controls preventing local attackers from reaching the vulnerable code path.

🌐 Internet-Facing: LOW - Requires local access to exploit, not directly reachable from network.

🏢 Internal Only: MEDIUM - Local attackers or malicious processes could trigger denial of service on affected systems.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires local access and ability to trigger the sprd_iommu_cleanup() function. No authentication bypass needed beyond local access.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 630482ee0653decf9e2482ac6181897eb6cde5b8, 8c79ceb4ecf823e6ec10fee6febb0fca3de79922, b62841e49a2b7938f6fdeaaf93fb57e4eb880bdb, d5fe884ce28c5005f8582c35333c195a168f841c, dfe90030a0cfa26dca4cb6510de28920e5ad22fb

Vendor Advisory: https://git.kernel.org/stable/c/630482ee0653decf9e2482ac6181897eb6cde5b8

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits. 2. Rebuild kernel if compiling from source. 3. Reboot system to load patched kernel.

🔧 Temporary Workarounds

Disable Spreadtrum IOMMU driver

linux

Remove or blacklist the sprd-iommu driver if not required for system functionality

echo 'blacklist sprd-iommu' >> /etc/modprobe.d/blacklist.conf
rmmod sprd_iommu

🧯 If You Can't Patch

Restrict local access to prevent unauthorized users from triggering the vulnerability
Implement strict process isolation and limit access to kernel interfaces

🔍 How to Verify

Check if Vulnerable:

Check if sprd-iommu driver is loaded: lsmod | grep sprd_iommu

Check Version:

uname -r

Verify Fix Applied:

Check kernel version includes fix commits or verify sprd_iommu driver version

📡 Detection & Monitoring

Log Indicators:

Kernel panic messages in /var/log/kern.log or dmesg
NULL pointer dereference errors mentioning sprd_iommu

Network Indicators:

No network indicators - local vulnerability only

SIEM Query:

source="kernel" AND ("NULL pointer dereference" OR "kernel panic") AND "sprd_iommu"

📊 Metadata

CVE ID: CVE-2024-42277

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-476

Published: August 17, 2024

Last Updated: November 3, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-42277, you might also want to check these: