CVE-2024-57949

5.5 MEDIUM

📋 TL;DR

This CVE describes a race condition vulnerability in the Linux kernel's GIC-V3 interrupt controller where interrupts could be incorrectly enabled within a nested interrupt-disabled section. This could lead to system instability or crashes. It affects Linux systems using the GIC-V3 interrupt controller, primarily ARM-based systems.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Kernel versions containing commit b97e8a2f7130 up to fixed versions
Operating Systems: Linux distributions running on ARM architecture with GIC-V3
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems using GIC-V3 interrupt controller (primarily ARM64/ARMv8 systems). Virtualized environments using KVM with ARM guests may be affected.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case

Kernel panic or system crash leading to denial of service, potentially allowing privilege escalation if combined with other vulnerabilities.

🟠 Likely Case

System instability, random crashes, or kernel panics under specific interrupt handling conditions.

🟢 If Mitigated

Minimal impact with proper kernel hardening and isolation of affected systems.

🌐 Internet-Facing: LOW - Requires local access or ability to trigger specific interrupt conditions.
🏢 Internal Only: MEDIUM - Could affect server stability in virtualized environments or ARM-based infrastructure.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires precise timing and ability to trigger specific interrupt handling paths. Likely requires local access or ability to run code on the system.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in stable kernel versions via commits: 35cb2c6ce7da, 6c84ff2e788f, 93955a778812, d7b0e89610dd

Vendor Advisory: https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution's repositories.
2. For custom kernels, apply the fix commit to your kernel source.
3. Recompile and install the kernel.
4. Reboot the system.

🔧 Temporary Workarounds

Disable GIC-V3 ITS if not needed

If the system does not require GIC-V3 Interrupt Translation Service functionality, it can be disabled via kernel parameters.

Add 'its=off' to kernel boot parameters in GRUB or bootloader configuration

🧯 If You Can't Patch

  • Isolate affected systems from production workloads
  • Implement strict access controls to prevent unauthorized local access

🔍 How to Verify

Check if Vulnerable:

Check the kernel version and whether the system is running on ARM with GIC-V3. Examine the kernel source for the problematic guard(raw_spinlock_irq) usage in its_irq_set_vcpu_affinity().

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated to include the fix commits. Check that guard(raw_spinlock) is used instead of guard(raw_spinlock_irq) in the affected function
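
The source check described above, as an added example that is not part of the original advisory: a POSIX shell function that extracts the definition of its_irq_set_vcpu_affinity() from a source file and reports which guard it uses, ignoring guard() calls in other functions. The path to the GIC-V3 ITS driver source is supplied by the reader; the helper names (extract_fn, check_its_guard, make_sample) and the sample stub are constructed for illustration.

```shell
# Added example: classify its_irq_set_vcpu_affinity() in a kernel source file.

# Print the function definition (signature through closing brace) by tracking
# brace depth; prototypes and calls (lines containing ';') are skipped.
extract_fn() {
    awk '
        !infn && /its_irq_set_vcpu_affinity[(]/ && !/;/ { infn = 1 }
        infn {
            print
            opened = gsub(/[{]/, "{")
            depth += opened - gsub(/[}]/, "}")
            if (opened) seen = 1
            if (seen && depth == 0) exit
        }' "$1"
}

# Verdict on stdout; exit status 0 = fixed, 1 = vulnerable, 2 = inconclusive.
check_its_guard() {
    [ -r "$1" ] || { echo "unreadable"; return 2; }
    body=$(extract_fn "$1")
    case $body in
        *'guard(raw_spinlock_irq)'*) echo "vulnerable"; return 1 ;;
        *'guard(raw_spinlock)'*)     echo "fixed"; return 0 ;;
        *)                           echo "inconclusive"; return 2 ;;
    esac
}

# Constructed sample (not real kernel source): a decoy guard in another
# function plus a stub of the affected function using the guard named in $1.
make_sample() {
    cat > "$2" <<EOF
static void other_fn(void)
{
	guard(raw_spinlock_irq)(&other_lock);
}
static int its_irq_set_vcpu_affinity(struct irq_data *d, void *vcpu_info)
{
	guard($1)(&example_lock);
	if (!vcpu_info) {
		return -1;
	}
	return 0;
}
EOF
}

# When run with a path argument, check that file.
if [ "$#" -gt 0 ]; then check_its_guard "$1"; fi
```

An "inconclusive" verdict means neither guard form was found in the function, for example in a tree that does not contain commit b97e8a2f7130.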

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • Interrupt-related warnings in dmesg
  • System crash reports

Network Indicators:

  • None - this is a local kernel vulnerability

SIEM Query:

source="kernel" AND ("panic" OR "WARNING" OR "BUG") AND ("interrupt" OR "gic" OR "its")
