CVE-2024-56766

7.8 HIGH

📋 TL;DR

This CVE describes a double-free vulnerability in the Linux kernel's MTD (Memory Technology Device) subsystem, specifically in the atmel_pmecc_create_user() function. Memory allocated with devm_kzalloc() is incorrectly freed with kfree(). Because device-managed (devm) allocations are released automatically when the driver is detached from the device, the explicit kfree() causes the same object to be freed twice, potentially leading to memory corruption. Systems running affected Linux kernel versions with MTD/NAND support are at risk.
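The ownership mismatch described above, as an added example: this is a userspace model, not kernel source and not the upstream patch. `devm_kzalloc_model`, `kfree_model`, `device_release` and the `setup_fails` flag are hypothetical stand-ins for devres behaviour and for a setup step that fails after the allocation.

```c
#include <stdio.h>
#include <stdlib.h>

/* Userspace model of devres, constructed for illustration (not kernel code). */
struct devres { struct devres *next; int frees; };
struct device { struct devres *res; int double_frees; };

/* Like devm_kzalloc(): the allocation is linked to the device, which owns it. */
static void *devm_kzalloc_model(struct device *dev, size_t size) {
    struct devres *r = calloc(1, sizeof(*r) + size);
    if (!r) return NULL;
    r->next = dev->res;
    dev->res = r;
    return r + 1;
}

/* Like kfree(), but only records the free so the model itself stays safe. */
static void kfree_model(struct device *dev, void *p) {
    struct devres *r = (struct devres *)p - 1;
    if (r->frees++) dev->double_frees++;
}

/* Like driver detach: devres frees everything the device still owns. */
static int device_release(struct device *dev) {
    struct devres *r = dev->res, *next;
    for (; r; r = next) {
        next = r->next;
        kfree_model(dev, r + 1);
        free(r);
    }
    dev->res = NULL;
    return dev->double_frees;
}

/* fixed == 0: error path calls kfree() on devm memory (the CVE's pattern).
 * fixed != 0: error path only returns; devres frees the object later. */
static int double_frees_after_release(int fixed, int setup_fails) {
    struct device dev = { NULL, 0 };
    void *user = devm_kzalloc_model(&dev, 64);
    if (user && setup_fails && !fixed)
        kfree_model(&dev, user); /* BUG: devres still owns user */
    return device_release(&dev);
}

int main(void) {
    printf("vulnerable: %d double free(s), fixed: %d\n",
           double_frees_after_release(0, 1), double_frees_after_release(1, 1));
    return 0;
}
```

The second free only happens at release time, which is why the fault can surface long after the failing call returned.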

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not explicitly stated in CVE description; check kernel commit history for exact ranges
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with MTD/NAND support and when using Atmel PMECC functionality. Embedded systems and IoT devices using NAND flash are particularly vulnerable.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel panic or system crash leading to denial of service, or potential privilege escalation if an attacker can manipulate the freed memory to execute arbitrary code.

🟠 Likely Case: System instability, crashes, or denial of service when the vulnerable code path is triggered during NAND operations.

🟢 If Mitigated: No impact if the vulnerable code path is not executed or if proper kernel hardening prevents exploitation.

🌐 Internet-Facing: LOW - This is a kernel-level vulnerability that typically requires local access or specific hardware interaction to trigger.
🏢 Internal Only: MEDIUM - Local users or processes with appropriate permissions could potentially trigger this vulnerability, leading to system instability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires triggering the specific code path in atmel_pmecc_create_user(), which may require specific hardware or driver configuration. Local access or ability to interact with NAND devices is typically needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing the fix commits: 1562871ef613fa9492aa0310933eff785166a90e, 3d825a241e65f7e3072978729e79d735ec40b80e, 6ea15205d7e2b811fbbdf79783f686f58abfb4b7, ca9818554b0f33e87f38e4bfa2dac056692d46cc, d2f090ea57f8d6587e09d4066f740a8617767b3d

Vendor Advisory: https://git.kernel.org/stable/c/1562871ef613fa9492aa0310933eff785166a90e

Restart Required: Yes

Instructions:

1. Update Linux kernel to a version containing the fix commits.
2. For distributions: Apply security updates from your vendor.
3. Rebuild and install kernel if compiling from source.
4. Reboot system to load patched kernel.

🔧 Temporary Workarounds

Disable MTD/NAND support (platform: all)

Remove or disable MTD and NAND support in kernel configuration if not required

# Reconfigure kernel without CONFIG_MTD and CONFIG_MTD_NAND options
# Rebuild and install kernel

🧯 If You Can't Patch

  • Restrict access to users who can trigger NAND operations
  • Implement kernel hardening features like KASLR and stack protection

🔍 How to Verify

Check if Vulnerable:

Check kernel version and configuration for MTD/NAND support. Examine kernel source for vulnerable atmel_pmecc_create_user() function.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes the fix commits. Check that the atmel_pmecc_create_user() function no longer contains the double-free code.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • OOM (Out of Memory) errors
  • MTD/NAND driver error messages in dmesg

Network Indicators:

  • None - this is a local vulnerability

SIEM Query:

Search for kernel panic events or MTD/NAND error messages in system logs
