CVE-2024-46822
📋 TL;DR
This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's ACPI subsystem for ARM64 systems. If triggered, it could cause a kernel panic leading to denial of service. The vulnerability affects ARM64 Linux systems using ACPI for CPU management.
💻 Affected Systems
- Linux Kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially requiring physical access to reboot the system.
Likely Case
System crash or kernel panic resulting in temporary denial of service until system reboot.
If Mitigated
No impact if the vulnerable code path cannot be triggered or if systems have proper isolation.
🎯 Exploit Status
No known public exploit exists. The vulnerability requires specific conditions to trigger and local access to the system.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patches available in stable kernel trees (commits referenced in CVE)
Vendor Advisory: https://git.kernel.org/stable/c/2488444274c70038eb6b686cba5f1ce48ebb9cdd
Restart Required: Yes
Instructions:
1. Update to a patched kernel version from your distribution vendor. 2. Rebuild kernel if compiling from source with the provided patches. 3. Reboot system to load new kernel.
🔧 Temporary Workarounds
Disable CPU hotplug
linuxPrevent CPU hotplug operations that could trigger the vulnerable code path
echo 0 > /sys/devices/system/cpu/cpuX/online (for each CPU)
🧯 If You Can't Patch
- Restrict local user access to prevent potential exploitation
- Implement strict process isolation and privilege separation
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if running on ARM64 with ACPI enabled: 'uname -r' and check /sys/firmware/acpi/tablesCheck Version:
uname -rVerify Fix Applied:
Verify kernel version is updated to include the patched commits: 'uname -r' and check kernel changelog📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages in /var/log/kern.log or dmesg
- NULL pointer dereference errors in kernel logs
Network Indicators:
- None - this is a local vulnerability
SIEM Query:
source="kernel" AND ("NULL pointer dereference" OR "kernel panic" OR "Oops")🔗 References
- https://git.kernel.org/stable/c/2488444274c70038eb6b686cba5f1ce48ebb9cdd
- https://git.kernel.org/stable/c/40cae0df42e5e7f7a1c0f32deed9c4027c1ba94e
- https://git.kernel.org/stable/c/4c3b21204abb4fa3ab310fbbb5cf7f0e85f3a1bc
- https://git.kernel.org/stable/c/62ca6d3a905b4c40cd942f3cc645a6718f8bc7e7
- https://git.kernel.org/stable/c/945be49f4e832a9184c313fdf8917475438a795b
- https://git.kernel.org/stable/c/bc7fbb37e3d2df59336eadbd6a56be632e3c7df7
- https://git.kernel.org/stable/c/f57769ff6fa7f97f1296965f20e8a2bb3ee9fd0f
- https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
