CVE-2024-50223
📋 TL;DR
A NULL pointer dereference vulnerability in the Linux kernel's NUMA balancing scheduler allows local attackers to cause a kernel panic and system crash. This affects Linux systems with NUMA balancing enabled, requiring local access to trigger the vulnerability.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially causing data loss or service disruption.
Likely Case
Local denial of service through system crash when specific stress testing conditions are met.
If Mitigated
Minimal impact if NUMA balancing is disabled or systems are patched.
🎯 Exploit Status
Requires local access and specific conditions to trigger. Discovered during stress-ng testing with vm-segv module.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patches available in stable kernel branches via git commits: 9c70b2a33cd2aa6a5a59c5523ef053bd42265209, ade91f6e9848b370add44d89c976e070ccb492ef, c60d98ef7078fc3e22b48e98eae7a897d88494ee
Vendor Advisory: https://git.kernel.org/stable/c/9c70b2a33cd2aa6a5a59c5523ef053bd42265209
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution. 2. Rebuild kernel if using custom kernel. 3. Reboot system to load new kernel.
🔧 Temporary Workarounds
Disable NUMA balancing
linuxTemporarily disable NUMA balancing to prevent the vulnerable code path
echo 0 > /proc/sys/kernel/numa_balancing
🧯 If You Can't Patch
- Disable NUMA balancing via sysctl
- Restrict local user access to prevent malicious triggering
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if NUMA balancing is enabled: cat /proc/sys/kernel/numa_balancingCheck Version:
uname -rVerify Fix Applied:
Verify kernel version is updated and check that /proc/sys/kernel/numa_balancing returns 1 (if re-enabled)📡 Detection & Monitoring
Log Indicators:
- Kernel panic logs mentioning 'NULL pointer dereference'
- Crash dumps with backtrace showing task_numa_work or vma_migratable
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("NULL pointer dereference" OR "task_numa_work" OR "vma_migratable")