CVE-2024-42309
📋 TL;DR
This CVE describes a null pointer dereference vulnerability in the Linux kernel's drm/gma500 graphics driver. If exploited, it could cause a kernel panic or system crash when the affected function fails to allocate memory. Systems using the gma500 graphics driver with unpatched Linux kernels are affected.
💻 Affected Systems
- Linux kernel with gma500 graphics driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially causing data loss or system instability.
Likely Case
System crash or kernel panic when the graphics driver attempts to allocate memory in specific conditions, resulting in denial of service.
If Mitigated
No impact if the system is patched or doesn't use the gma500 driver.
🎯 Exploit Status
Exploitation requires triggering the specific psb_intel_lvds_get_modes() function with conditions that cause drm_mode_duplicate() to fail.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Linux kernel versions containing the fix commits listed in references
Vendor Advisory: https://git.kernel.org/stable/c/13b5f3ee94bdbdc4b5f40582aab62977905aedee
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution's repositories. 2. Reboot system to load new kernel. 3. Verify kernel version after reboot.
🔧 Temporary Workarounds
Disable gma500 driver
linuxBlacklist or disable the gma500 graphics driver if not needed
echo 'blacklist gma500' >> /etc/modprobe.d/blacklist.conf
update-initramfs -u
reboot
🧯 If You Can't Patch
- Restrict local user access to systems using gma500 driver
- Monitor system logs for kernel panic events related to graphics driver
🔍 How to Verify
Check if Vulnerable:
Check if system uses gma500 driver: lsmod | grep gma500 AND check kernel version against patched versionsCheck Version:
uname -rVerify Fix Applied:
Verify kernel version is updated to patched version and gma500 driver loads without issues📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- NULL pointer dereference errors in kernel logs
- Graphics driver crash logs
Network Indicators:
- None - this is a local vulnerability
SIEM Query:
source="kernel" AND ("NULL pointer dereference" OR "kernel panic" OR "gma500" OR "psb_intel_lvds")🔗 References
- https://git.kernel.org/stable/c/13b5f3ee94bdbdc4b5f40582aab62977905aedee
- https://git.kernel.org/stable/c/2df7aac81070987b0f052985856aa325a38debf6
- https://git.kernel.org/stable/c/46d2ef272957879cbe30a884574320e7f7d78692
- https://git.kernel.org/stable/c/475a5b3b7c8edf6e583a9eb59cf28ea770602e14
- https://git.kernel.org/stable/c/6735d02ead7dd3adf74eb8b70aebd09e0ce78ec9
- https://git.kernel.org/stable/c/7e52c62ff029f95005915c0a11863b5fb5185c8c
- https://git.kernel.org/stable/c/d6ad202f73f8edba0cbc0065aa57a79ffe8fdcdc
- https://git.kernel.org/stable/c/f70ffeca546452d1acd3a70ada56ecb2f3e7f811
- https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
