CVE-2024-50133
📋 TL;DR
A NULL pointer dereference vulnerability in the Linux kernel's LoongArch architecture allows kernel threads without vDSO mappings to crash when calling stack_top(). This affects systems running Linux with LoongArch processors, potentially causing denial of service through kernel panics.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, requiring physical or remote reboot.
Likely Case
System instability or crash when kernel threads trigger the vulnerable code path, particularly during testing or specific operations.
If Mitigated
Minimal impact if systems are patched or don't use LoongArch architecture.
🎯 Exploit Status
Exploitation requires triggering kernel thread operations that call stack_top(), such as through kunit testing framework as shown in the stack trace.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patches available in stable kernel trees (commits: 041cc3860b06770357876d1114d615333b0fbf31, 134475a9ab8487527238d270639a8cb74c10aab2, a67d4a02bf43e15544179895ede7d5f97b84b550, a94c197d4d749954dfaa37e907fcc8c04e4aad7e)
Vendor Advisory: https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from official distribution repositories. 2. For custom kernels, apply the relevant stable kernel patches. 3. Reboot system to load new kernel.
🔧 Temporary Workarounds
Avoid kunit testing
linuxTemporarily disable or avoid using kunit testing framework which can trigger the vulnerable code path.
🧯 If You Can't Patch
- Restrict access to systems to prevent triggering kernel thread operations that could exploit the vulnerability.
- Monitor systems for kernel panic events and have recovery procedures ready.
🔍 How to Verify
Check if Vulnerable:
Check kernel version and architecture: 'uname -r' and 'uname -m'. If running LoongArch and using unpatched kernel, system is vulnerable.Check Version:
uname -rVerify Fix Applied:
Verify kernel version after update matches patched version and check system stability during kernel thread operations.📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages in /var/log/kern.log or dmesg
- NULL pointer dereference errors mentioning stack_top or vDSO
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("NULL pointer dereference" OR "stack_top" OR "vdso")🔗 References
- https://git.kernel.org/stable/c/041cc3860b06770357876d1114d615333b0fbf31
- https://git.kernel.org/stable/c/134475a9ab8487527238d270639a8cb74c10aab2
- https://git.kernel.org/stable/c/a67d4a02bf43e15544179895ede7d5f97b84b550
- https://git.kernel.org/stable/c/a94c197d4d749954dfaa37e907fcc8c04e4aad7e
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
