CVE-2024-50035
📋 TL;DR
A vulnerability in the Linux kernel's PPP (Point-to-Point Protocol) implementation allows illegal memory access when processing empty network packets. This affects systems using PPP or PPPoE networking, potentially leading to kernel memory corruption. The issue occurs when pppoe_sendmsg() is called with zero-size data, triggering uninitialized value access in ppp_async_encode().
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Kernel panic, system crash, or potential kernel memory corruption leading to arbitrary code execution with kernel privileges.
Likely Case
System instability, kernel crashes, or denial of service affecting PPP/PPPoE network connectivity.
If Mitigated
Limited impact if PPP/PPPoE is not used or if systems are patched; isolated to affected network interfaces only.
🎯 Exploit Status
Reported by syzbot fuzzer; exploitation requires sending specially crafted network packets to PPP/PPPoE interfaces. No public exploits known at this time.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Multiple stable kernel versions with fixes: 30d91a478d58cbae3dbaa8224d17d0d839f0d71b, 40dddd4b8bd08a69471efd96107a4e1c73fabefc, 4151ec65abd755133ebec687218fadd2d2631167, 8dfe93901b410ae41264087427f3b9f389388f83, 8fe992ff3df493d1949922ca234419f3ede08dff
Vendor Advisory: https://git.kernel.org/stable/c/30d91a478d58cbae3dbaa8224d17d0d839f0d71b
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution's repositories.
2. For custom kernels, apply the relevant commit from kernel git.
3. Reboot system to load new kernel.
🔧 Temporary Workarounds
Disable PPP/PPPoE
If PPP/PPPoE is not required, disable the modules to eliminate attack surface.
sudo modprobe -r pppoe
sudo modprobe -r ppp_async
sudo modprobe -r ppp_generic
Add 'blacklist pppoe', 'blacklist ppp_async', 'blacklist ppp_generic' to /etc/modprobe.d/blacklist.conf
Network filtering
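Block PPPoE traffic at network boundaries if not required. PPPoE is carried directly in Ethernet frames (EtherType 0x8863 for discovery, 0x8864 for session), not in IP, so iptables cannot match it; on bridged interfaces, filter it at the Ethernet layer with ebtables.
ebtables -A INPUT -p 0x8864 -j DROP
ebtables -A FORWARD -p 0x8864 -j DROP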
🧯 If You Can't Patch
- Disable all PPP and PPPoE network interfaces
- Implement strict network segmentation to isolate PPP/PPPoE traffic
🔍 How to Verify
Check if Vulnerable:
Check if PPP/PPPoE modules are loaded: lsmod | grep -E 'ppp|pppoe'. Check kernel version against patched versions.
Check Version:
uname -r
Verify Fix Applied:
Verify kernel version includes one of the fix commits. Check that PPP functionality still works normally after patch.
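The module check above and the blacklist workaround can be combined into one exposure report. This is an added example, not part of the original advisory; the function names `ppp_module_status` and `demo`, and the choice to read only one modprobe.d directory, are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Classifies each PPP module named on this page as:
#   loaded         - listed in /proc/modules right now
#   blocked        - "install <mod> /bin/false" (or true) stops modprobe loading it
#   blacklist-only - only alias-based autoloading is suppressed; an explicit
#                    modprobe or a dependency load still succeeds
#   loadable       - nothing in the checked directory prevents loading
# PPP code built into the kernel image is not a module and is not listed.
ppp_module_status() {
    modules_file=${1:-/proc/modules}
    conf_dir=${2:-/etc/modprobe.d}
    conf=$(cat "$conf_dir"/*.conf 2>/dev/null || true)
    for mod in pppoe ppp_async ppp_generic; do
        # modprobe treats '-' and '_' in module names as equivalent
        pat=$(printf '%s' "$mod" | sed 's/_/[_-]/g')
        if grep -Eq "^${pat} " "$modules_file" 2>/dev/null; then
            state=loaded
        elif printf '%s\n' "$conf" |
             grep -Eq "^[[:space:]]*install[[:space:]]+${pat}[[:space:]]+(/usr)?/bin/(false|true)"; then
            state=blocked
        elif printf '%s\n' "$conf" |
             grep -Eq "^[[:space:]]*blacklist[[:space:]]+${pat}[[:space:]]*\$"; then
            state=blacklist-only
        else
            state=loadable
        fi
        echo "${mod}=${state}"
    done
}

# Constructed sample data (not from a real host): ppp_generic is loaded,
# ppp_async has an install override, pppoe is only blacklisted.
demo() {
    d=$(mktemp -d)
    printf '%s\n' 'ppp_generic 45056 0 - Live 0x0000000000000000' \
                  'slhc 20480 1 ppp_generic, Live 0x0000000000000000' >"$d/modules"
    printf '%s\n' 'install ppp-async /bin/false' \
                  'blacklist pppoe' >"$d/ppp.conf"
    ppp_module_status "$d/modules" "$d"
    rm -rf "$d"
}
demo
```

Called with no arguments, `ppp_module_status` reads the live `/proc/modules` and `/etc/modprobe.d`; any module reported as `blacklist-only` or `loadable` can still be loaded on an unpatched kernel.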
📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- KMSAN (Kernel Memory Sanitizer) reports of uninit-value in ppp_async_encode
- System crashes when using PPP/PPPoE
Network Indicators:
- Unusual PPPoE traffic patterns
- Multiple zero-length PPP packets
SIEM Query:
source="kernel" AND ("ppp_async_encode" OR "KMSAN" OR "uninit-value")
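The OR query above fires on every KMSAN report, whatever function it names. The following added example (not from the original advisory) compares that broad match with one that parses the KMSAN report header and keeps only reports naming ppp_async_encode. The function names and the log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example. Both counters read kernel log text on stdin.
# KMSAN reports appear only on kernels built with CONFIG_KMSAN.

# Constructed sample log (offsets and the second function name are made up).
sample_log() {
    cat <<'EOF'
[  101.000001] BUG: KMSAN: uninit-value in ppp_async_encode+0x10/0x20
[  101.000002]  ppp_async_encode+0x10/0x20
[  101.000003]  pppoe_sendmsg+0x30/0x40
[  230.000001] BUG: KMSAN: uninit-value in example_rx_handler+0x40/0x90
[  300.000001] pppoe: unrelated constructed message
EOF
}

# Emulates the broad OR query: counts every line with any of the substrings.
broad_hits() {
    grep -Ec 'ppp_async_encode|KMSAN|uninit-value' || true
}

# Prints "<kind> <function>" once per KMSAN report header.
kmsan_reports() {
    awk '/BUG: KMSAN: / {
        sub(/^.*BUG: KMSAN: /, "")   # drop timestamp and prefix
        kind = $1; fn = $3           # "<kind> in <function>+0x.../0x..."
        sub(/\+.*/, "", fn)          # strip the offset/size suffix
        print kind, fn
    }'
}

# Counts only the reports whose faulting function is ppp_async_encode.
cve_hits() {
    kmsan_reports | awk '$2 == "ppp_async_encode" { n++ } END { print n + 0 }'
}

echo "broad query lines: $(sample_log | broad_hits)"
echo "ppp_async_encode reports: $(sample_log | cve_hits)"
```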
🔗 References
- https://git.kernel.org/stable/c/30d91a478d58cbae3dbaa8224d17d0d839f0d71b
- https://git.kernel.org/stable/c/40dddd4b8bd08a69471efd96107a4e1c73fabefc
- https://git.kernel.org/stable/c/4151ec65abd755133ebec687218fadd2d2631167
- https://git.kernel.org/stable/c/8dfe93901b410ae41264087427f3b9f389388f83
- https://git.kernel.org/stable/c/8fe992ff3df493d1949922ca234419f3ede08dff
- https://git.kernel.org/stable/c/c007a14797240607038bd3464501109f408940e2
- https://git.kernel.org/stable/c/ce249a4c68d0ce27a8c5d853338d502e2711a314
- https://git.kernel.org/stable/c/fadf8fdb3110d3138e05c3765f645535434f8d76
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html