CVE-2024-50067 – This CVE describes an out-of-bounds memory acce... (How to Fix)

Q: What is the severity of CVE-2024-50067?

CVE-2024-50067 has a CVSS score of 7.8 (HIGH). This CVE describes an out-of-bounds memory access vulnerability in the Linux kernel's uprobe subsystem. When fetching user-space arguments for tracing, the kernel fails to properly validate that large strings or arrays fit within a single page-sized buffer, potentially leading to memory corruption. This affects Linux systems using uprobes for dynamic tracing.

📋 TL;DR

This CVE describes an out-of-bounds memory access vulnerability in the Linux kernel's uprobe subsystem. When fetching user-space arguments for tracing, the kernel fails to properly validate that large strings or arrays fit within a single page-sized buffer, potentially leading to memory corruption. This affects Linux systems using uprobes for dynamic tracing.

💻 Affected Systems

Products:

Linux kernel

Versions: Versions before the fix commits (specific versions vary by distribution)

Operating Systems: Linux distributions using vulnerable kernel versions

Default Config Vulnerable: ✅ No

Notes: Requires uprobes to be enabled and configured; not vulnerable by default. CONFIG_KASAN helps detect but doesn't prevent exploitation.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel memory corruption leading to system crash, privilege escalation, or arbitrary code execution in kernel context.

🟠

Likely Case

System instability, kernel panic, or denial of service due to memory corruption.

🟢

If Mitigated

Limited impact if uprobes are disabled or not in use; systems without CONFIG_KASAN may experience silent corruption.

🌐 Internet-Facing: LOW - Exploitation requires local access and specific uprobe configuration.

🏢 Internal Only: MEDIUM - Local attackers with ability to configure uprobes could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires local access and ability to configure uprobes. The provided reproduction steps demonstrate the vulnerability but not weaponization.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits 0dc3ad9ad2188da7f090b3dbe4d2fcd9ae8ae64f or related stable backports

Vendor Advisory: https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Restart Required: Yes

Instructions:

1. Update kernel to patched version from your distribution. 2. For Debian: apt update && apt upgrade linux-image-*. 3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable uprobes

linux

Prevent exploitation by disabling the uprobe subsystem

echo 0 > /sys/kernel/debug/tracing/events/uprobes/enable
echo '' > /sys/kernel/debug/tracing/uprobe_events

🧯 If You Can't Patch

Restrict access to debugfs tracing interface to privileged users only
Monitor for unauthorized uprobe configuration attempts

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if uprobes are enabled: uname -r and ls /sys/kernel/debug/tracing/uprobe_events

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits or is newer than vulnerable versions

📡 Detection & Monitoring

Log Indicators:

Kernel panic logs
KASAN error reports mentioning uprobe or store_trace_args
Unexpected system crashes

Network Indicators:

None - local exploitation only

SIEM Query:

Search for kernel logs containing 'KASAN', 'uprobe', or 'store_trace_args' errors

📊 Metadata

CVE ID: CVE-2024-50067

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-787

Published: October 28, 2024

Last Updated: November 3, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-50067, you might also want to check these: