CVE-2024-42288

5.5 MEDIUM

📋 TL;DR

This CVE describes a memory corruption vulnerability in the Linux kernel's QLogic Fibre Channel driver (qla2xxx). An incorrect dereference of the Init Control Block could allow attackers with local access to cause kernel memory corruption, potentially leading to system crashes or privilege escalation. Systems using affected Linux kernel versions with the qla2xxx driver loaded are vulnerable.

💻 Affected Systems

Products:
  • Linux kernel with qla2xxx driver
Versions: Specific kernel versions containing the vulnerable code (check git commits for exact ranges)
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only vulnerable when qla2xxx driver is loaded (typically on systems with QLogic Fibre Channel HBAs).

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case: Local privilege escalation to root, complete system compromise, or persistent denial of service through kernel panic.
🟠 Likely Case: System crash or kernel panic requiring reboot, potentially causing service disruption.
🟢 If Mitigated: Limited to denial of service if proper access controls prevent local user exploitation.

🌐 Internet-Facing: LOW - Requires local access to exploit, not directly reachable from internet.
🏢 Internal Only: MEDIUM - Local users or compromised accounts could exploit this to disrupt systems or escalate privileges.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and knowledge of driver internals. No public exploits known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing fixes from the provided git commits

Vendor Advisory: https://git.kernel.org/stable/c/2a15b59a2c5afac89696e44acf5bbfc0599c6c5e

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution.
2. Reboot system to load new kernel.
3. Verify qla2xxx driver version matches patched kernel.

🔧 Temporary Workarounds

Unload qla2xxx driver (Linux)

Remove the vulnerable driver if QLogic hardware is not required:

sudo rmmod qla2xxx

Restrict local access (all platforms)

Limit local user accounts and implement strict access controls.

🧯 If You Can't Patch

  • Implement strict local access controls and limit user privileges
  • Monitor systems for unexpected crashes or kernel panics

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if qla2xxx module is loaded: lsmod | grep qla2xxx

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated and check dmesg for qla2xxx driver loading without errors

📡 Detection & Monitoring

Log Indicators:

  • Kernel panics
  • System crashes
  • qla2xxx driver error messages in dmesg

Network Indicators:

  • None - local exploitation only

SIEM Query:

Search for 'kernel panic', 'Oops', or 'qla2xxx' in system logs
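
Added example (not part of the original advisory): a small shell helper that turns the checks above into scriptable results. It matches the module name exactly in /proc/modules-format input and counts crash indicators separately from qla2xxx mentions in a log file. The function names, file arguments and sample data are assumptions constructed for this example.

```shell
#!/bin/sh
# Added example: triage helper for the verification and log checks on this page.
# Function names and file arguments are assumptions of this example.

# Exit 0 if a module named exactly "qla2xxx" is listed.
# Input format is /proc/modules: "<name> <size> <refs> <used-by> <state> <addr>"
qla2xxx_loaded() {
    awk '$1 == "qla2xxx" { found = 1 } END { exit !found }' "${1:-/proc/modules}"
}

# Count crash indicators (kernel panic / Oops) and qla2xxx mentions separately,
# case-insensitively, so routine driver messages are not mistaken for crashes.
scan_log() {
    awk '{ l = tolower($0) }
         l ~ /kernel panic|(^|[^a-z])oops([^a-z]|$)/ { crash++ }
         l ~ /qla2xxx/ { drv++ }
         END { printf "crash=%d qla2xxx=%d\n", crash, drv }' "$1"
}

# Combine both checks: log counts only matter where the driver is loaded.
triage() {
    if qla2xxx_loaded "$1"; then
        echo "loaded $(scan_log "$2")"
    else
        echo "not-loaded"
    fi
}

# Constructed sample data (not real host output) for offline runs.
write_samples() {
    cat > "$1/modules.loaded" <<'EOF'
scsi_transport_fc 81920 1 qla2xxx, Live 0x0000000000000000
qla2xxx 1048576 0 - Live 0x0000000000000000
EOF
    cat > "$1/modules.clean" <<'EOF'
ext4 1000000 1 - Live 0x0000000000000000
EOF
    cat > "$1/kern.log" <<'EOF'
[   10.0] qla2xxx: constructed driver message
[  101.2] Oops: constructed fault line
[  101.3] Kernel panic - not syncing: constructed example
[  200.0] loop0: constructed unrelated line
EOF
}
```

On a live host, save the kernel log to a file first (for example with dmesg redirected to a file) and pass it as the second argument to triage, with /proc/modules as the first.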
