CVE-2024-50240

5.5 MEDIUM

📋 TL;DR

A NULL pointer dereference vulnerability in the Linux kernel's Qualcomm QMP USB PHY driver causes kernel panic on runtime suspend when runtime power management is enabled. This affects Linux systems using Qualcomm USB PHY hardware. The vulnerability requires manual runtime PM activation via sysfs, limiting exposure.

💻 Affected Systems

Products:
  • Linux kernel with Qualcomm QMP USB PHY driver
Versions: Kernel versions containing commit 413db06c05e7 up to fixes in stable releases
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when runtime power management is manually enabled via sysfs for affected USB PHY hardware.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel panic leading to system crash and denial of service, requiring physical or remote reboot.

🟠 Likely Case: System instability or crash if runtime PM is manually enabled for affected USB PHY hardware.

🟢 If Mitigated: No impact since runtime PM is disabled by default and requires manual sysfs configuration.

🌐 Internet-Facing: LOW - Requires local access or specialized hardware interaction, not directly network-exploitable.
🏢 Internal Only: MEDIUM - Could cause service disruption on affected internal systems if runtime PM is enabled.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and manual runtime PM configuration via sysfs. Not easily weaponized for remote attacks.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in stable kernel commits: 370814e9d512, 5ebde521fbb9, bd9e4d4a3b12

Vendor Advisory: https://git.kernel.org/stable/c/370814e9d512ba289612c3780890b80bf2605046

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing fixes.
2. Reboot system.
3. Verify kernel version post-update.

🔧 Temporary Workarounds

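Disable runtime PM for affected USB PHY

Prevent runtime power management activation for the vulnerable driver. Writing on to the device's power/control attribute keeps the device powered, so the runtime suspend path that triggers the NULL dereference is never entered (auto is the value that enables runtime PM). Run as root:

echo 'on' > /sys/bus/platform/devices/<phy-device>/power/control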

🧯 If You Can't Patch

  • Ensure runtime power management remains disabled for Qualcomm USB PHY devices
  • Monitor system logs for kernel panic events related to USB PHY suspend operations

🔍 How to Verify

Check if Vulnerable:

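Check whether the system uses the Qualcomm QMP USB PHY driver and has runtime PM enabled for it: run lsmod | grep phy_qcom_qmp_usb (a driver built into the kernel does not appear in lsmod), then read /sys/bus/platform/devices/*/power/control for the PHY device. A value of auto means runtime PM is enabled; on means it is disabled.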

Check Version:

uname -r

Verify Fix Applied:

Confirm that the running kernel includes the fix commits: run uname -r, then check that kernel's changelog for the fixes.
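
The exposure check and the workaround above, scripted as an added example (not part of the advisory or the kernel project). It assumes the platform driver registers under the sysfs name qcom-qmp-usb-phy; the QMP_DRIVER variable and both function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the advisory). Assumed: the platform driver
# directory name "qcom-qmp-usb-phy"; override with QMP_DRIVER if it differs.
QMP_DRIVER="${QMP_DRIVER:-qcom-qmp-usb-phy}"

# Print "<device> <control-value> <verdict>" for each device bound to the
# driver. The optional argument replaces /sys so the logic can be tested.
# Returns 0 = nothing exposed, 1 = some device is "auto", 2 = driver absent.
qmp_runtime_pm_report() {
    root="${1:-/sys}"
    drv="$root/bus/platform/drivers/$QMP_DRIVER"
    [ -d "$drv" ] || { echo "driver $QMP_DRIVER not present"; return 2; }
    exposed=0
    for dev in "$drv"/*; do
        ctl="$dev/power/control"
        # bind, unbind, uevent and module have no power/control: skipped.
        [ -r "$ctl" ] || continue
        val=$(cat "$ctl")
        case "$val" in
            auto) verdict="EXPOSED"; exposed=1 ;;
            on)   verdict="ok" ;;
            *)    verdict="unknown" ;;
        esac
        echo "$(basename "$dev") $val $verdict"
    done
    return "$exposed"
}

# Apply the workaround: write "on" to every device still set to "auto".
qmp_pin_on() {
    root="${1:-/sys}"
    qmp_runtime_pm_report "$root" | while read -r name val verdict; do
        [ "$verdict" = EXPOSED ] || continue
        echo on > "$root/bus/platform/drivers/$QMP_DRIVER/$name/power/control"
    done
}

# Usage on a real system (as root): qmp_runtime_pm_report; qmp_pin_on
```

A value written through sysfs does not survive a reboot, so the workaround has to be reapplied at boot until the patched kernel is installed.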

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • NULL pointer dereference in qmp_usb_* functions
  • USB PHY suspend failures

Network Indicators:

  • None - local vulnerability only

SIEM Query:

source="kernel" AND ("NULL pointer dereference" OR "qmp-usb" OR "USB PHY")
