CVE-2024-50293
📋 TL;DR
A use-after-free vulnerability in the Linux kernel's SMC (Shared Memory Communications) implementation allows local attackers to potentially escalate privileges or crash the system. The vulnerability occurs when socket creation fails but leaves a dangling pointer, which could be exploited to execute arbitrary code. This affects Linux systems with SMC enabled.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Local privilege escalation to root, kernel panic leading to denial of service, or arbitrary code execution in kernel context.
Likely Case
Kernel panic causing system crash and denial of service.
If Mitigated
No impact if SMC is disabled or systems are patched.
🎯 Exploit Status
Requires local access and knowledge of kernel exploitation techniques. Found by syzbot fuzzing.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions with commits d293958a8595ba566fb90b99da4d6263e14fee15 or d2cc492124e1f22daa1700f069bcc58788043381
Vendor Advisory: https://git.kernel.org/stable/c/d293958a8595ba566fb90b99da4d6263e14fee15
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution.
2. Reboot system to load new kernel.
3. Verify kernel version after reboot.
🔧 Temporary Workarounds
Disable SMC module
Prevent loading of the SMC kernel module to mitigate the vulnerability
echo 'install smc /bin/false' >> /etc/modprobe.d/disable-smc.conf
rmmod smc 2>/dev/null || true
🧯 If You Can't Patch
- Disable SMC module using modprobe blacklisting
- Restrict local user access and implement strict privilege separation
🔍 How to Verify
Check if Vulnerable:
Check whether the SMC module is loaded (lsmod | grep smc) and compare the kernel version against the patched versions
Check Version:
uname -r
Verify Fix Applied:
Verify that the running kernel includes the fix commits and, if SMC is needed, that the SMC module functions correctly
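The module check above as a script, added here as an example (it is not from the advisory or the kernel project). It matches the module name exactly, since lsmod | grep smc also matches smc_diag, and reports whether the install override from the workaround is in place. The function names are hypothetical.

```shell
#!/bin/sh
# Added example: classify a host's SMC exposure when triaging CVE-2024-50293.
# Usage: smc_exposure [MODULES_FILE] [MODPROBE_DIR]
# Defaults read the live system; the arguments allow offline checks against
# saved lsmod output or a copy of /etc/modprobe.d.

# Succeeds if a module named exactly "smc" is listed (lsmod or /proc/modules
# format). A plain `grep smc` would also match smc_diag or unrelated drivers.
smc_loaded() {
    awk '$1 == "smc" { found = 1 } END { exit !found }' "$1"
}

# Succeeds if a modprobe.d file carries the workaround's install override.
smc_blocked() {
    grep -Eqs \
        '^[[:space:]]*install[[:space:]]+smc[[:space:]]+/bin/(false|true)([[:space:]]|$)' \
        "$1"/*.conf
}

smc_exposure() {
    modules=${1:-/proc/modules}
    confdir=${2:-/etc/modprobe.d}
    if smc_loaded "$modules"; then
        # The override does not unload a module that is already in the kernel,
        # and the workaround's `rmmod smc ... || true` hides a failed unload.
        echo loaded
    elif smc_blocked "$confdir"; then
        echo blocked       # not loaded, and modprobe will not load it
    else
        echo loadable      # not loaded, but nothing prevents loading it
    fi
}

smc_exposure "$@"
```

A result of loaded on a host that already has the override means the module was not unloaded; it stays in the kernel until it is removed or the system reboots.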
📡 Detection & Monitoring
Log Indicators:
- Kernel panic logs
- OOM killer activity related to SMC
- System crash dumps
Network Indicators:
- Unusual SMC socket creation attempts
SIEM Query:
source="kernel" AND ("smc" OR "AF_SMC") AND ("panic" OR "Oops" OR "BUG")