CVE-2024-46768
📋 TL;DR
A NULL pointer dereference vulnerability exists in the Linux kernel's hp-wmi-sensors hardware monitoring driver. When the BIOS returns no event data for a WMI event, the driver fails to check for NULL before accessing the data, potentially causing a kernel panic or system crash. This affects Linux systems using the hp-wmi-sensors driver, particularly HP hardware.
💻 Affected Systems
- Linux kernel with hp-wmi-sensors driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially requiring physical reboot.
Likely Case
System instability or crash when specific WMI events occur without data, causing temporary denial of service.
If Mitigated
Minor system disruption with automatic recovery if kernel panic handling is configured.
🎯 Exploit Status
Exploitation requires ability to trigger specific WMI events that return NULL data. Likely requires local access or privileged execution.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in kernel commits: 217539e994e5, 4b19c83ba108, a54da9df75cd
Vendor Advisory: https://git.kernel.org/stable/c/217539e994e53206bbf3fb330261cc78c480d311
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commits. 2. Check distribution-specific security advisories. 3. Reboot system after kernel update.
🔧 Temporary Workarounds
Disable hp-wmi-sensors module
linuxPrevent loading of the vulnerable driver module
echo 'blacklist hp-wmi-sensors' >> /etc/modprobe.d/blacklist.conf
rmmod hp-wmi-sensors
🧯 If You Can't Patch
- Monitor system logs for kernel panic events related to WMI
- Restrict local user access to systems with vulnerable configurations
🔍 How to Verify
Check if Vulnerable:
Check if hp-wmi-sensors module is loaded: lsmod | grep hp-wmi-sensorsCheck Version:
uname -rVerify Fix Applied:
Check kernel version includes fix commits or verify module version📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- NULL pointer dereference errors in dmesg
- WMI-related error messages
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("NULL pointer" OR "kernel panic" OR "hp-wmi-sensors")