CVE-2024-56695

7.8 HIGH

📋 TL;DR

A stack overflow vulnerability in the Linux kernel's AMD GPU driver could allow local attackers to crash the kernel or potentially execute arbitrary code. This affects systems with AMD GPUs running vulnerable kernel versions. The vulnerability requires local access to exploit.

💻 Affected Systems

Products:
  • Linux kernel with AMD GPU driver (amdgpu/amdkfd)
Versions: Kernel versions containing the vulnerable code before the fix commits
Operating Systems: Linux distributions with affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with AMD GPU hardware and the amdgpu/amdkfd driver loaded

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel panic leading to system crash or potential privilege escalation to kernel mode execution
🟠 Likely Case: Kernel crash causing system instability or denial of service
🟢 If Mitigated: No impact if patched or if system lacks AMD GPU hardware

🌐 Internet-Facing: LOW - Requires local access to exploit
🏢 Internal Only: MEDIUM - Local users or processes could exploit this vulnerability

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and knowledge of triggering the vulnerable function path

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits 6d9f07196389f35a3afebcf1a12c1425725caddd or 922f0e00017b09d9d47e3efac008c8b20ed546a0

Vendor Advisory: https://git.kernel.org/stable/c/6d9f07196389f35a3afebcf1a12c1425725caddd

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits.
2. Reboot system to load patched kernel.
3. Verify kernel version after reboot.

🔧 Temporary Workarounds

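Disable AMD GPU driver (Linux)

Prevent loading of the vulnerable amdgpu/amdkfd kernel modules. With the driver blacklisted, the AMD GPU is unavailable for accelerated graphics and compute until the entries are removed.

# Run as root. "blacklist" stops automatic loading only; an explicit modprobe still loads the module.
echo 'blacklist amdgpu' >> /etc/modprobe.d/blacklist.conf
echo 'blacklist amdkfd' >> /etc/modprobe.d/blacklist.conf
# Rebuild the initramfs so the blacklist also applies during early boot (update-initramfs is the Debian/Ubuntu tool).
update-initramfs -u
# Reboot so the already-loaded driver is no longer resident.
reboot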

🧯 If You Can't Patch

  • Restrict local user access to systems with AMD GPUs
  • Implement strict privilege separation and limit user permissions

🔍 How to Verify

Check if Vulnerable:

Check if system has AMD GPU and vulnerable kernel version. Run: lspci | grep -i amd && uname -r

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version contains fix commits. Check kernel changelog or git history for commits 6d9f07196389f35a3afebcf1a12c1425725caddd or 922f0e00017b09d9d47e3efac008c8b20ed546a0

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • Stack overflow warnings in dmesg
  • System crash/reboot events

Network Indicators:

  • None - local exploitation only

SIEM Query:

source="kernel" AND ("panic" OR "Oops" OR "stack overflow") AND process="kfd_get_cu_occupancy"
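
In raw kernel logs the function name usually sits in the call-trace lines that follow the crash marker rather than on the marker line, so a single-line match can miss it. The sketch below is an added example, not part of the original advisory: it correlates the query's three markers with kfd_get_cu_occupancy over a window of following lines. The sample log lines are constructed, and WINDOW, sample_log and scan_kfd_crashes are hypothetical names.

```shell
#!/bin/sh
# Added example, not part of the original advisory.
WINDOW=40  # assumption: max lines between a crash marker and its call trace

# Constructed sample kernel log lines (not captured from a real system).
sample_log() {
cat <<'EOF'
[   12.300001] [drm] amdgpu kernel modesetting enabled.
[  212.400010] Oops: 0000 [#1] PREEMPT SMP NOPTI
[  212.400020] Call Trace:
[  212.400030]  kfd_get_cu_occupancy+0x1a2/0x310 [amdgpu]
[  530.000100] Oops: 0002 [#2] PREEMPT SMP NOPTI
[  530.000110] Call Trace:
[  530.000120]  ext4_writepages+0x3f/0x120
[  900.000500] Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: kfd_get_cu_occupancy+0x2f1/0x310 [amdgpu]
EOF
}

# Reads kernel log text on stdin and prints "MATCH: <marker line>" for each
# panic/Oops/stack overflow marker that has kfd_get_cu_occupancy on the same
# line or within WINDOW lines after it.
scan_kfd_crashes() {
    awk -v win="$WINDOW" '
        # A new marker (re)opens the correlation window.
        /panic|Oops|stack overflow/ { marker = $0; left = win + 1 }
        left > 0 {
            if ($0 ~ /kfd_get_cu_occupancy/) {
                print "MATCH: " marker
                left = 0      # one report per marker
                next
            }
            left--            # window shrinks with every non-matching line
        }
    '
}

# Demo run on the constructed sample: reports the first Oops and the panic,
# and skips the unrelated ext4 Oops.
sample_log | scan_kfd_crashes
```

On a live host, pipe `journalctl -k` or `dmesg` output into `scan_kfd_crashes` instead of `sample_log`.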
