CVE-2024-46849 – This CVE describes a use-after-free vulnerabili... (How to Fix)

Q: What is the severity of CVE-2024-46849?

CVE-2024-46849 has a CVSS score of 7.8 (HIGH). This CVE describes a use-after-free vulnerability in the Linux kernel's ASoC (Audio System on Chip) subsystem for Amlogic AXG sound cards. The vulnerability occurs when the 'card->dai_link' buffer is reallocated but a 'pad' pointer continues to reference the old memory location, potentially allowing attackers to execute arbitrary code or cause system crashes. This affects Linux systems using the affected ASoC driver.

📋 TL;DR

This CVE describes a use-after-free vulnerability in the Linux kernel's ASoC (Audio System on Chip) subsystem for Amlogic AXG sound cards. The vulnerability occurs when the 'card->dai_link' buffer is reallocated but a 'pad' pointer continues to reference the old memory location, potentially allowing attackers to execute arbitrary code or cause system crashes. This affects Linux systems using the affected ASoC driver.

💻 Affected Systems

Products:

Linux kernel with ASoC meson axg-card driver

Versions: Linux kernel versions before the fix commits (specific versions vary by distribution)

Operating Systems: Linux distributions using affected kernel versions

Default Config Vulnerable: ⚠️ Yes

Notes: Only vulnerable if the snd_soc_meson_axg_sound_card module is loaded, typically on systems with Amlogic AXG audio hardware.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local privilege escalation to kernel mode, allowing complete system compromise, data theft, or persistent backdoor installation.

🟠

Likely Case

Kernel panic leading to system crash and denial of service, requiring reboot to restore functionality.

🟢

If Mitigated

Limited impact due to SELinux/AppArmor restrictions or container isolation preventing kernel access.

🌐 Internet-Facing: LOW - Requires local access to exploit; not directly reachable via network.

🏢 Internal Only: MEDIUM - Local users or compromised services could exploit this for privilege escalation or DoS attacks.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access and ability to load/modify kernel modules. The KASAN report suggests the bug is detectable during module loading.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 4f9a71435953f941969a4f017e2357db62d85a86, 5a2cc2bb81399e9ebc72560541137eb04d61dc3d, 7d318166bf55e9029d56997c3b134f4ac2ae2607, a33145f494e6cb82f3e018662cc7c4febf271f22, e1a199ec31617242e1a0ea8f312341e682d0c037

Vendor Advisory: https://git.kernel.org/stable/c/4f9a71435953f941969a4f017e2357db62d85a86

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits. 2. Check distribution-specific security advisories. 3. Reboot system to load patched kernel.

🔧 Temporary Workarounds

Disable vulnerable kernel module

linux

Prevent loading of the affected snd_soc_meson_axg_sound_card module

echo 'blacklist snd_soc_meson_axg_sound_card' >> /etc/modprobe.d/blacklist.conf
rmmod snd_soc_meson_axg_sound_card

🧯 If You Can't Patch

Restrict local user access to systems with vulnerable kernel
Implement strict SELinux/AppArmor policies to limit kernel module operations

🔍 How to Verify

Check if Vulnerable:

Check if snd_soc_meson_axg_sound_card module is loaded: lsmod | grep snd_soc_meson_axg_sound_card

Check Version:

uname -r

Verify Fix Applied:

Check kernel version against distribution security advisory; verify module loads without KASAN errors

📡 Detection & Monitoring

Log Indicators:

Kernel panic messages
KASAN use-after-free reports in dmesg
Failed module loading attempts

Network Indicators:

None - local exploitation only

SIEM Query:

source="kernel" AND ("KASAN" OR "use-after-free" OR "snd_soc_meson")

📊 Metadata

CVE ID: CVE-2024-46849

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-416

Published: September 27, 2024

Last Updated: November 3, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-46849, you might also want to check these: