CVE-2024-57905
📋 TL;DR
This CVE describes an information leak vulnerability in the Linux kernel's TI ADS1119 ADC driver. When triggered buffer data is sent to userspace, uninitialized memory from a struct hole could expose kernel memory contents. This affects systems using the ti-ads1119 driver with triggered buffer functionality enabled.
💻 Affected Systems
- Linux kernel with ti-ads1119 ADC driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel memory disclosure could reveal sensitive information like encryption keys, passwords, or other process data, potentially enabling further attacks.
Likely Case
Limited information leak exposing random kernel memory contents, which could aid attackers in bypassing security mechanisms or gaining system insights.
If Mitigated
No data exposure if proper kernel hardening and memory protection mechanisms are in place.
🎯 Exploit Status
Requires local access and ability to trigger the ADC buffer functionality. No known public exploits.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing commits 2f1687cca911a2f294313c762e0646cd9e7be8cc or 75f339d3ecd38cb1ce05357d647189d4a7f7ed08
Vendor Advisory: https://git.kernel.org/stable/c/2f1687cca911a2f294313c762e0646cd9e7be8cc
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution. 2. Reboot system to load new kernel. 3. Verify kernel version after reboot.
🔧 Temporary Workarounds
Disable ti-ads1119 driver
LinuxPrevent loading of vulnerable driver if not needed
echo 'blacklist ti-ads1119' > /etc/modprobe.d/blacklist-ti-ads1119.conf
rmmod ti-ads1119
🧯 If You Can't Patch
- Restrict local user access to systems using ti-ads1119 ADC
- Disable triggered buffer functionality if possible through driver configuration
🔍 How to Verify
Check if Vulnerable:
Check if ti-ads1119 module is loaded: lsmod | grep ti_ads1119. Check kernel version against patched versions.Check Version:
uname -rVerify Fix Applied:
Verify kernel version includes fix commits: grep -q '2f1687cca911a2f294313c762e0646cd9e7be8cc\|75f339d3ecd38cb1ce05357d647189d4a7f7ed08' /proc/version_signature📡 Detection & Monitoring
Log Indicators:
- Kernel logs showing ti-ads1119 driver activity
- System logs of local users accessing ADC devices
Network Indicators:
- None - local vulnerability only
SIEM Query:
process.name contains 'modprobe' AND process.args contains 'ti-ads1119' OR kernel.module contains 'ti_ads1119'