CVE-2024-50234

7.0 HIGH

📋 TL;DR

A race condition vulnerability in the Linux kernel's iwlegacy WiFi driver allows stale interrupts to trigger during system resume from hibernation, causing the WiFi hardware to become unavailable. This affects systems using iwl4965 WiFi hardware with the iwlegacy driver. The vulnerability can lead to denial of service for WiFi connectivity.

💻 Affected Systems

Products:
  • Linux kernel with iwlegacy driver
Versions: Linux kernel versions before the fix commits (specific versions vary by distribution)
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires iwl4965 WiFi hardware and use of hibernation/suspend functionality. Not all Linux systems are affected.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete loss of WiFi connectivity requiring system reboot, potentially disrupting network-dependent services and operations.

🟠 Likely Case

WiFi hardware becomes unavailable after resume from hibernation, requiring manual intervention to restore connectivity.

🟢 If Mitigated

Minor service interruption during resume that self-corrects or requires driver reload.

🌐 Internet-Facing: LOW - Requires local system access and specific hardware/driver combination.
🏢 Internal Only: MEDIUM - Can disrupt internal network connectivity for affected systems, potentially impacting productivity.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires physical or local access to trigger hibernation/resume cycle. No remote exploitation vector identified.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Linux kernel with commits 07c90acb071b, 23f9cef17ee3, 271d282ecc15, 8ac22fe1e2b1, or 8af8294d369a

Vendor Advisory: https://git.kernel.org/stable/c/07c90acb071b9954e1fecb1e4f4f13d12c544b34

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits.
2. Check distribution-specific security advisories.
3. Reboot system after kernel update.

🔧 Temporary Workarounds

Disable hibernation

Prevent system from entering hibernation state where the vulnerability triggers

sudo systemctl mask hibernate.target hybrid-sleep.target

Blacklist iwlegacy driver

Prevent loading of vulnerable driver (will disable WiFi on affected hardware)

echo 'blacklist iwlegacy' | sudo tee /etc/modprobe.d/blacklist-iwlegacy.conf
sudo update-initramfs -u

🧯 If You Can't Patch

  • Avoid using hibernation/suspend functionality on affected systems
  • Use alternative WiFi hardware not requiring iwlegacy driver

🔍 How to Verify

Check if Vulnerable:

Check if iwlegacy module is loaded and kernel version is before fix: lsmod | grep iwlegacy && uname -r

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits or check dmesg for absence of 'Hardware became unavailable upon resume' errors after hibernation

📡 Detection & Monitoring

Log Indicators:

  • Hardware became unavailable upon resume
  • START_ALIVE timeout
  • iwl4965 fails upon resume

Network Indicators:

  • Sudden loss of WiFi connectivity after system resume

SIEM Query:

dmesg OR kernel.log: "Hardware became unavailable upon resume" OR "iwl4965 fails upon resume"
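
The verification and log checks above, combined into one triage script. This is an added example, not code from the advisory or the kernel project: the function names, verdict strings and sample module list and log lines are constructed for illustration, and only the three indicator strings come from this page.

```shell
#!/bin/sh
# Added example, not from the advisory: triage for the symptoms listed above.
# Patterns are the page's three log indicators; all sample data is constructed.
INDICATORS='Hardware became unavailable upon resume|START_ALIVE timeout|iwl4965 fails upon resume'

# Print kernel-log lines that match any indicator. Reads file $1, or stdin
# when called without arguments (e.g. journalctl -k -b | find_indicators).
find_indicators() {
    grep -E -- "$INDICATORS" "${1:--}"
}

# Succeed if a module list in /proc/modules format (file $1, default
# /proc/modules) names the iwlegacy core module or the iwl4965 module.
driver_loaded() {
    awk '$1 == "iwlegacy" || $1 == "iwl4965" { f = 1 } END { exit !f }' \
        "${1:-/proc/modules}"
}

# Verdict for one host: $1 = module list file, $2 = kernel log file.
assess() {
    hits=$(find_indicators "$2" | wc -l | tr -d ' ')
    if ! driver_loaded "$1"; then
        echo "not-applicable: iwlegacy/iwl4965 not loaded"
    elif [ "$hits" -gt 0 ]; then
        echo "symptomatic: $hits indicator line(s) in kernel log"
    else
        echo "driver-loaded: no resume failure logged"
    fi
}

# Constructed /proc/modules excerpt and kernel log for an offline run.
sample_modules() {
    printf '%s\n' 'iwl4965 122880 0 - Live 0x0000000000000000' \
        'iwlegacy 102400 1 iwl4965, Live 0x0000000000000000' \
        'mac80211 1249280 2 iwl4965,iwlegacy, Live 0x0000000000000000'
}
sample_log() {
    printf '%s\n' '[ 1201.337] PM: hibernation: hibernation exit' \
        '[ 1201.912] iwl4965 0000:10:00.0: START_ALIVE timeout after 4000ms.' \
        '[ 1201.913] ieee80211 phy0: Hardware became unavailable upon resume.' \
        '[ 1202.101] wlan0: deauthenticating by local choice'
}

mods=$(mktemp); log=$(mktemp)
sample_modules > "$mods"; sample_log > "$log"
assess "$mods" "$log"
rm -f "$mods" "$log"
```

On a live host, save the kernel log to a file after a resume and pass it as the second argument, with /proc/modules as the first.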
