CVE-2024-49977
📋 TL;DR
A division-by-zero vulnerability in the Linux kernel's STMMAC network driver occurs when disabling tc-cbs (traffic control credit-based shaper) functionality. This causes a kernel panic or system crash on affected systems. The vulnerability affects Linux systems using the STMMAC driver for Ethernet controllers.
💻 Affected Systems
- Linux kernel with STMMAC driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to complete system crash and denial of service, requiring physical or remote reboot to restore functionality.
Likely Case
System crash when network administrators attempt to disable tc-cbs functionality on affected systems, causing temporary service disruption.
If Mitigated
No impact if tc-cbs is not used or if systems are patched before attempting to disable this functionality.
🎯 Exploit Status
Exploitation requires local privileged access to trigger the condition by disabling tc-cbs. This is more likely to be triggered accidentally during configuration changes than maliciously exploited.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patched in Linux kernel stable versions via commits: 03582f4752427f60817d896f1a827aff772bd31e, 5d43e1ad4567d67af2b42d3ab7c14152ffed25c6, 675faf5a14c14a2be0b870db30a70764df81e2df, 837d9df9c0792902710149d1a5e0991520af0f93, b0da9504a528f05f97d926b4db74ff21917a33e9
Vendor Advisory: https://git.kernel.org/stable/c/03582f4752427f60817d896f1a827aff772bd31e
Restart Required: Yes
Instructions:
1. Update the Linux kernel to a version containing the fix commits.
2. Check with your distribution vendor for specific kernel package updates.
3. Reboot the system to load the new kernel.
🔧 Temporary Workarounds
Avoid disabling tc-cbs
Do not attempt to disable tc-cbs (traffic control credit-based shaper) functionality on systems using the STMMAC driver.
🧯 If You Can't Patch
- Avoid making configuration changes that would disable tc-cbs functionality on affected systems
- Implement monitoring for kernel panic events and have recovery procedures ready
🔍 How to Verify
Check if Vulnerable:
Check the kernel version and whether the STMMAC driver is loaded: 'uname -r' and 'lsmod | grep stmmac'
Check Version:
uname -r
Verify Fix Applied:
Verify that the running kernel includes the fix commits (your distribution's kernel changelog lists them), then test disabling tc-cbs in a controlled environment before doing so in production.
📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages in /var/log/kern.log or dmesg output
- System crash/reboot events
Network Indicators:
- Sudden loss of network connectivity on affected interfaces
SIEM Query:
search 'kernel panic' OR 'division by zero' OR 'Oops' in system logs
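As an added illustration of the log indicators above (not part of the advisory), the following Python scanner groups kernel crash messages from a kern.log extract into events and flags whether stmmac appears in the trace; the sample log lines, symbol names and module names are constructed placeholders, not from a real crash.

```python
import re

# Constructed sample lines approximating kern.log output. Symbol names and
# offsets are placeholders, not taken from a real stmmac crash or the advisory.
SAMPLE_LOG = """\
Jan 14 10:02:11 host kernel: [ 3120.551204] stmmaceth 0000:01:00.0 eth0: Link is Up - 1Gbps/Full
Jan 14 10:05:42 host kernel: [ 3331.102339] divide error: 0000 [#1] PREEMPT SMP
Jan 14 10:05:42 host kernel: [ 3331.102401] RIP: 0010:example_cbs_fn+0x1a2/0x2c0 [stmmac]
Jan 14 10:05:42 host kernel: [ 3331.102455] Call Trace:
Jan 14 10:05:42 host kernel: [ 3331.102533]  example_setup_qdisc+0x8f/0x120
Jan 14 10:05:43 host kernel: [ 3331.103001] Kernel panic - not syncing: Fatal exception
Jan 14 10:07:00 host kernel: [ 3400.000000] Oops: 0002 [#2] SMP
Jan 14 10:07:00 host kernel: [ 3400.000100] RIP: 0010:example_other_fn+0x10/0x40 [othermod]
"""

# Indicators named in the advisory; "divide error" is the x86 kernel wording
# for a division-by-zero trap, so it is matched as well.
TRIGGER_RE = re.compile(r"divide error|division by zero|Kernel panic|Oops:", re.I)
STMMAC_RE = re.compile(r"\bstmmac", re.I)
TS_RE = re.compile(r"\[\s*(\d+\.\d+)\]")  # kernel uptime stamp, e.g. "[ 3331.102339]"


def find_crash_events(lines: list[str], window_s: float = 2.0) -> list[dict]:
    """Group each crash trigger with the trace lines that follow it within
    window_s seconds of uptime, then flag whether stmmac appears in that trace."""
    events: list[dict] = []
    cur = None
    for line in lines:
        m = TS_RE.search(line)
        if m is None:
            continue  # lines without an uptime stamp cannot be placed in a window
        ts = float(m.group(1))
        trig = TRIGGER_RE.search(line)
        in_window = cur is not None and ts - cur["start"] <= window_s
        if trig and not in_window:
            cur = {"start": ts, "first_line": line.strip(), "triggers": [], "stmmac": False}
            events.append(cur)
            in_window = True
        if not in_window:
            continue  # benign lines outside any crash window (e.g. link-up) are ignored
        if trig:
            cur["triggers"].append(trig.group(0))
        if STMMAC_RE.search(line):
            cur["stmmac"] = True
    for ev in events:
        divide = any(t.lower().startswith("divi") for t in ev["triggers"])
        if ev["stmmac"] and divide:
            ev["verdict"] = "possible CVE-2024-49977: divide-by-zero with stmmac in trace"
        elif ev["stmmac"]:
            ev["verdict"] = "kernel crash with stmmac in trace, cause unclear"
        else:
            ev["verdict"] = "kernel crash, stmmac not in trace"
    return events


if __name__ == "__main__":
    for ev in find_crash_events(SAMPLE_LOG.splitlines()):
        print(f"{ev['start']:>12.6f}  {ev['verdict']}  <- {ev['first_line']}")
```

Feed it `journalctl -k` or `dmesg -T` output from an affected host; a divide trap whose trace names stmmac is the pattern to correlate with a recent tc qdisc change.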
🔗 References
- https://git.kernel.org/stable/c/03582f4752427f60817d896f1a827aff772bd31e
- https://git.kernel.org/stable/c/5d43e1ad4567d67af2b42d3ab7c14152ffed25c6
- https://git.kernel.org/stable/c/675faf5a14c14a2be0b870db30a70764df81e2df
- https://git.kernel.org/stable/c/837d9df9c0792902710149d1a5e0991520af0f93
- https://git.kernel.org/stable/c/b0da9504a528f05f97d926b4db74ff21917a33e9
- https://git.kernel.org/stable/c/e297a2bf56d12fd7f91a0c209eb6ea84361f3368
- https://git.kernel.org/stable/c/e33fe25b1efe4f2e6a5858786dbc82ae4c44ed4c
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html