CVE-2024-43904

5.5 MEDIUM

📋 TL;DR

This CVE describes a null pointer dereference vulnerability in the AMD display driver within the Linux kernel. If exploited, it could cause a kernel crash (kernel panic) leading to system instability or denial of service. This affects Linux systems with AMD graphics hardware using the affected kernel versions.

💻 Affected Systems

Products:
  • Linux kernel with AMD GPU drivers
Versions: Specific kernel versions containing the vulnerable dcn30_apply_idle_power_optimizations function before the fix commits
Operating Systems: Linux distributions with affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires AMD GPU hardware and the affected display driver code path to be triggered.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case

Kernel panic leading to system crash, requiring physical or remote reboot, potentially causing data loss or service disruption.

🟠 Likely Case

System instability or crash when specific display operations are performed, requiring reboot to recover.

🟢 If Mitigated

No impact if proper kernel hardening is in place and system is patched.

🌐 Internet-Facing: LOW - Requires local access or ability to trigger specific display operations.
🏢 Internal Only: MEDIUM - Local users or processes could trigger the vulnerability, potentially causing system instability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires triggering specific display operations that cause null pointer dereference. Likely requires local access or ability to manipulate display operations.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing the fix commits referenced in the CVE

Vendor Advisory: https://git.kernel.org/stable/c/10c20d79d59cadfe572480d98cec271a89ffb024

Restart Required: Yes

Instructions:

1. Update the Linux kernel to a version containing the fix commits.
2. Reboot the system to load the new kernel.
3. Verify the kernel version after reboot.

🔧 Temporary Workarounds

Disable AMD GPU power optimizations

linux

Prevent the vulnerable code path from being triggered by disabling idle power optimizations for AMD GPUs

echo 'options amdgpu dcfeaturemask=0' > /etc/modprobe.d/amdgpu-disable-power-opt.conf
update-initramfs -u
reboot

🧯 If You Can't Patch

  • Restrict local user access to systems with AMD GPUs
  • Monitor system logs for kernel panic events related to display operations

🔍 How to Verify

Check if Vulnerable:

Check whether the system has an AMD GPU and runs an affected kernel version, either by checking the kernel version or by examining the kernel source for the unpatched dcn30_apply_idle_power_optimizations function.

Check Version:

uname -r

Verify Fix Applied:

Verify that the running kernel includes one of the fix commits: 10c20d79d59cadfe572480d98cec271a89ffb024, 15c2990e0f0108b9c3752d7072a97d45d4283aea, 16a8a2a839d19c4cf7253642b493ffb8eee1d857, 5e84eda48ffb2363437db44bbd0235594f8a58f9, or fcf9d6a9f30ea414b6b84a6e901cebd44e146847

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • AMD GPU driver crash logs
  • System crash/reboot events

Network Indicators:

  • None - local vulnerability

SIEM Query:

(event_type:"kernel_panic" OR event_type:"system_crash") AND (process_name:"amdgpu" OR message:"dcn30_apply_idle_power_optimizations")
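
The log indicators above, as an added example (not part of the original advisory or of the kernel project's code): a Python parser that groups kernel log lines into NULL-dereference reports and flags the ones that mention dcn30_apply_idle_power_optimizations. The sample log is constructed, the names parse_oopses and matches_cve are hypothetical, and the x86 oops text layout is assumed.

```python
import re

TARGET = "dcn30_apply_idle_power_optimizations"  # function named in this CVE
START = re.compile(r"BUG: kernel NULL pointer dereference")
END = re.compile(r"---\[ end trace")
RIP = re.compile(r"RIP: \w+:(?P<sym>[\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+(?: \[(?P<mod>\w+)\])?")
COMM = re.compile(r"Comm: (?P<comm>\S+)")

# Constructed sample log (not captured from a real system; offsets and names are made up).
SAMPLE_LOG = """\
[  101.000001] amdgpu 0000:03:00.0: [drm] constructed informational line
[  245.100000] BUG: kernel NULL pointer dereference, address: 0000000000000008
[  245.100010] Oops: 0000 [#1] PREEMPT SMP NOPTI
[  245.100020] CPU: 3 PID: 1234 Comm: Xorg Not tainted 0.0.0-example #1
[  245.100030] RIP: 0010:dcn30_apply_idle_power_optimizations+0x1a2/0x400 [amdgpu]
[  245.100040] ---[ end trace 0000000000000000 ]---
[  900.500000] BUG: kernel NULL pointer dereference, address: 0000000000000010
[  900.500010] CPU: 1 PID: 77 Comm: kworker/1:2 Not tainted 0.0.0-example #1
[  900.500020] RIP: 0010:example_probe+0x20/0x90 [example_mod]
"""

def parse_oopses(lines):
    """Yield one dict per NULL-dereference report found in kernel log lines."""
    current = None
    for line in lines:
        if START.search(line):
            if current:  # previous report had no end marker (truncated log)
                yield current
            current = {"rip": None, "module": None, "comm": None, "lines": []}
        if current is None:
            continue  # ordinary log line outside any report
        current["lines"].append(line)
        if current["rip"] is None and (m := RIP.search(line)):
            current["rip"], current["module"] = m["sym"], m["mod"]
        if current["comm"] is None and (m := COMM.search(line)):
            current["comm"] = m["comm"]
        if END.search(line):
            yield current
            current = None
    if current:
        yield current

def matches_cve(oops):
    """True when the faulting symbol or any captured frame is the CVE's function."""
    return any(TARGET in line for line in oops["lines"])

if __name__ == "__main__":
    for o in parse_oopses(SAMPLE_LOG.splitlines()):
        print(o["comm"], o["rip"], o["module"], "MATCH" if matches_cve(o) else "other")
```

On a live host, pass the lines of `dmesg` or `journalctl -k` output to parse_oopses in place of the sample.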
