CVE-2024-50129
📋 TL;DR
This CVE describes an out-of-bounds memory access vulnerability in the Linux kernel's PSE-PD (Power Sourcing Equipment - Power Delivery) subsystem. An attacker could potentially exploit this to cause kernel crashes or execute arbitrary code with kernel privileges. All Linux systems using the affected kernel versions are vulnerable if the PSE-PD functionality is enabled.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash, or potential kernel privilege escalation allowing full system compromise.
Likely Case
System instability, kernel crashes, or denial of service conditions affecting network functionality.
If Mitigated
Minimal impact if PSE-PD functionality is disabled or systems are properly segmented.
🎯 Exploit Status
Exploitation requires access to the affected kernel module and understanding of PSE-PD subsystem interactions.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing commits 50ea68146d82f34b3ad80d8290ef8222136dedd7 and f2767a41959e60763949c73ee180e40c686e807e
Vendor Advisory: https://git.kernel.org/stable/c/50ea68146d82f34b3ad80d8290ef8222136dedd7
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commits.
2. Reboot system to load new kernel.
3. Verify kernel version after reboot.
🔧 Temporary Workarounds
Disable PSE-PD module
Prevent loading of the vulnerable kernel module:
echo 'blacklist pse_pd' >> /etc/modprobe.d/blacklist.conf
rmmod pse_pd
🧯 If You Can't Patch
- Disable PSE-PD functionality if not required
- Implement strict access controls to limit who can interact with PSE-PD interfaces
🔍 How to Verify
Check if Vulnerable:
Check if the PSE-PD module is loaded:
lsmod | grep pse_pd
Then check the kernel version against patched versions.
Check Version:
uname -r
Verify Fix Applied:
Run uname -r and confirm that the running kernel version is one that includes the fix commits. Check that the system remains stable during PSE-PD operations.
📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- Out of bounds memory access errors in kernel logs
- System crash/reboot events
Network Indicators:
- Unusual PSE-PD protocol traffic patterns
- Network interface instability
SIEM Query:
source="kernel" AND ("panic" OR "oops" OR "out of bounds") AND "pse"
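The module check, the blacklist workaround and the SIEM query above, combined into one host triage script. This is an added example, not part of the advisory or the kernel project: the function names and sample data are constructed, the module name pse_pd is the one this page uses, and the log filter is tightened beyond the query as noted in the comments.

```shell
#!/bin/sh
# Added example, not from the advisory. The module name pse_pd is the one this
# page uses; function names and sample data are constructed for illustration.

# Succeeds if module $1 appears in a /proc/modules-format file ($2).
module_loaded() {
    awk -v m="$1" '$1 == m { found = 1 } END { exit !found }' "${2:-/proc/modules}"
}

# Succeeds if some *.conf file in directory $2 holds a "blacklist $1" line.
module_blacklisted() {
    grep -Eqs "^[[:space:]]*blacklist[[:space:]]+$1([[:space:]]|\$)" \
        "${2:-/etc/modprobe.d}"/*.conf
}

# Prints how many lines of log file $1 match the SIEM query on this page.
# Tightened in two ways (assumptions of this example): "pse" must not run on
# into another letter (so "pseudo" is ignored), and hyphenated
# "out-of-bounds", the spelling KASAN and UBSAN reports use, also counts.
count_pse_alerts() {
    grep -Ei 'pse([^a-z]|$)' "$1" |
        grep -Eic 'panic|oops|out[ -]of[ -]bounds' || true
}

# Demo on constructed data in a temporary directory.
demo() {
    d=$(mktemp -d)
    printf '%s\n' 'pse_pd 16384 0 - Live 0x0000000000000000' > "$d/modules"
    mkdir "$d/modprobe.d"
    printf '%s\n' 'blacklist pse_pd' > "$d/modprobe.d/blacklist.conf"
    printf '%s\n' \
        'kernel: BUG: KASAN: slab-out-of-bounds in example_pse_fn+0x1c/0x40' \
        'kernel: Kernel panic - not syncing: constructed pse test line' \
        'kernel: pseudo-terminal oops (unrelated, must not count)' \
        'kernel: eth0: link is up' > "$d/kern.log"
    if module_loaded pse_pd "$d/modules"; then echo "pse_pd: loaded"; fi
    if module_blacklisted pse_pd "$d/modprobe.d"; then echo "pse_pd: blacklisted"; fi
    echo "matching log lines: $(count_pse_alerts "$d/kern.log")"
    rm -rf "$d"
}
demo
```

A module that is reported as both loaded and blacklisted means the blacklist entry was written but the module has not been unloaded since.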