CVE-2024-46852

7.8 HIGH

📋 TL;DR

A Linux kernel vulnerability in the CMA heap fault handler allows an attacker to bypass boundary checks and potentially insert arbitrary pages into memory mappings. This affects systems using the DMA-BUF CMA heap feature in the Linux kernel. Attackers could exploit this to cause memory corruption or potentially escalate privileges.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Versions before the fix commits (specific versions vary by distribution)
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires CMA heap functionality to be enabled and used. Most standard Linux distributions with DMA-BUF support are affected.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case

Local privilege escalation leading to full system compromise through memory corruption and arbitrary code execution.

🟠 Likely Case

System crashes, denial of service, or limited information disclosure through memory corruption.

🟢 If Mitigated

Minimal impact if systems are properly patched and have standard kernel hardening protections enabled.

🌐 Internet-Facing: LOW - This is a local vulnerability requiring local access to exploit.
🏢 Internal Only: MEDIUM - Internal users with local access could potentially exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access and knowledge of kernel memory management. No public exploits are currently known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits: 79cce5e81d20fa9ad553be439d665ac3302d3c95, 84175dc5b2c932266a50c04e5ce342c30f817a2f, e79050882b857c37634baedbdcf7c2047c24cbff, ea5ff5d351b520524019f7ff7f9ce418de2dad87, eb7fc8b65cea22f9038c52398c8b22849e9620ea

Vendor Advisory: https://git.kernel.org/stable/c/79cce5e81d20fa9ad553be439d665ac3302d3c95

Restart Required: Yes

Instructions:

1. Update to a patched kernel version from your Linux distribution vendor.
2. Reboot the system to load the new kernel.
3. Verify the kernel version after reboot.

🔧 Temporary Workarounds

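Disable CMA heap functionality

Disable the CMA heap feature if it is not required for system operation. Run the commands as root. They apply only when the heap is built as a loadable module; a heap compiled into the kernel cannot be unloaded.

echo 'blacklist cma_heap' >> /etc/modprobe.d/blacklist.conf
rmmod cma_heap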

🧯 If You Can't Patch

  • Restrict local user access to systems using mandatory access controls like SELinux or AppArmor
  • Implement strict privilege separation and limit user capabilities using capabilities(7) or namespaces

🔍 How to Verify

Check if Vulnerable:

Check the running kernel version and determine whether it predates the fix commits.

Check Version:

uname -r

Verify Fix Applied:

Verify that the running kernel version contains one of the fix commits listed in the Patch Version field.
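
Exposure depends on whether the CMA heap is compiled into the running kernel, and the module-unload workaround only helps when it is built as a module. The script below is an added example, not part of the original advisory; it reads the kernel build config for the Kconfig symbol CONFIG_DMABUF_HEAPS_CMA, and the function names and the config file locations it tries are assumptions.

```sh
#!/bin/sh
# Added example: classify CMA heap exposure from a kernel build config.
# CONFIG_DMABUF_HEAPS_CMA is the Kconfig symbol for the DMA-BUF CMA heap.

# cma_heap_state FILE -> prints builtin | module | disabled | unknown
# FILE is an uncompressed kernel config, e.g. /boot/config-$(uname -r)
# or the output of `zcat /proc/config.gz` saved to a file.
cma_heap_state() {
    cfg=$1
    [ -r "$cfg" ] || { echo unknown; return 2; }
    val=$(sed -n 's/^CONFIG_DMABUF_HEAPS_CMA=\([ym]\)$/\1/p' "$cfg" | head -n 1)
    case $val in
        y) echo builtin ;;
        m) echo module ;;
        *) echo disabled ;;   # "is not set" or symbol absent
    esac
}

# cma_heap_advice STATE -> what the workaround can do for that state
cma_heap_advice() {
    case $1 in
        builtin)  echo "patch-required: built-in heap cannot be unloaded with rmmod" ;;
        module)   echo "workaround-applies: blacklist and unload cma_heap, then patch" ;;
        disabled) echo "not-exposed: CMA heap not built for this kernel" ;;
        *)        echo "unknown: no readable kernel config" ;;
    esac
}

# find_kernel_config -> path of the running kernel's config, if one is shipped
# (both locations are assumptions about the distribution's layout)
find_kernel_config() {
    for f in "/boot/config-$(uname -r)" "/lib/modules/$(uname -r)/config"; do
        [ -r "$f" ] && { echo "$f"; return 0; }
    done
    return 1
}

if cfg=$(find_kernel_config); then
    state=$(cma_heap_state "$cfg")
    echo "$(uname -r): $state -> $(cma_heap_advice "$state")"
else
    echo "$(uname -r): $(cma_heap_advice unknown)"
fi
```

A "builtin" or "module" result only shows that the heap code is present; whether the fix is applied still has to be confirmed against the vendor's patched kernel version.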

📡 Detection & Monitoring

Log Indicators:

  • Kernel oops messages
  • System crashes related to DMA operations
  • Unexpected memory access errors in kernel logs

Network Indicators:

  • None - this is a local vulnerability

SIEM Query:

Search for kernel panic logs or oops messages containing references to 'dma-buf', 'CMA', or 'heap fault'
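
One way to run the search described above against a saved kernel log, as an added example that is not part of the original advisory. It groups each oops or panic report and flags those whose lines mention DMA-BUF or CMA heap symbols; the match patterns, the 80-line cap and the sample log are constructed assumptions.

```sh
#!/bin/sh
# Added example: flag kernel oops/panic reports that involve the DMA-BUF CMA heap.

# scan_oops FILE -> one line per matching report: "<line number>: <header line>".
# A report opens at an oops/BUG/panic header and closes at "---[ end trace"
# (or after 80 lines, an assumed cap for reports with no end marker).
scan_oops() {
    awk '
    function emit() { if (inrep && hit) print start ": " head; inrep = 0; hit = 0 }
    inrep && NR - start > 80 { emit() }
    /Oops|BUG:|Kernel panic|Unable to handle kernel/ {
        if (!inrep) { inrep = 1; start = NR; head = $0 }
    }
    # Symbol and subsystem names assumed to appear in a CMA heap call trace.
    inrep && tolower($0) ~ /dma[-_]buf|dma_heap|cma_heap/ { hit = 1 }
    /---\[ end trace/ { emit() }
    END { emit() }
    ' "$1"
}

# Constructed sample log (not captured from a real system).
sample_log() {
    cat <<'EOF'
[  101.000001] usb 1-1: new high-speed USB device number 4 using xhci_hcd
[  120.418220] Unable to handle kernel paging request at virtual address ffff80001234f000
[  120.418301] Internal error: Oops: 0000000096000005 [#1] SMP
[  120.418377] Call trace:
[  120.418402]  cma_heap_vm_fault+0x40/0x70
[  120.418455]  __do_fault+0x44/0x1b0
[  120.418520] ---[ end trace 0000000000000000 ]---
[  300.100000] BUG: kernel NULL pointer dereference, address: 0000000000000010
[  300.100050] Call Trace:
[  300.100080]  ext4_readdir+0x1a0/0x9c0
[  300.100120] ---[ end trace 0000000000000000 ]---
[  400.000000] cma: Reserved 64 MiB at 0x00000000f8000000
EOF
}

tmp=$(mktemp)
sample_log > "$tmp"
scan_oops "$tmp"   # only the first report (line 2) involves the CMA heap
rm -f "$tmp"
```

Matching per report rather than per line keeps unrelated oopses and routine `cma:` boot messages out of the results.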
