CVE-2024-57981

5.5 MEDIUM

📋 TL;DR

A NULL pointer dereference vulnerability in the Linux kernel's xHCI USB driver can cause kernel crashes when certain USB commands are aborted. This affects Linux systems using the xHCI USB controller. The vulnerability leads to denial of service but not privilege escalation.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not specified in CVE; check kernel commits for exact ranges.
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires xHCI USB controller usage; vulnerability triggered by specific USB command abortion scenarios.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case

Kernel panic leading to system crash and denial of service, requiring physical or remote reboot.

🟠 Likely Case

System crash when specific USB command abortion scenarios occur, causing temporary unavailability.

🟢 If Mitigated

No impact if patched; unpatched systems may experience crashes under specific USB command conditions.

🌐 Internet-Facing: LOW - Requires local USB device interaction, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Local USB device access could trigger crashes, affecting system availability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: HIGH - Requires specific USB device interaction and timing.

Exploitation requires physical or virtual USB device access to trigger command abortion scenarios.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel builds that include commit 0ce5c0dac768be14afe2426101b568a0f66bfc4d

Vendor Advisory: https://git.kernel.org/stable/c/0ce5c0dac768be14afe2426101b568a0f66bfc4d

Restart Required: Yes

Instructions:

1. Update the Linux kernel to a patched version.
2. Reboot the system to load the new kernel.
3. Verify that the running kernel includes the fix commit.

🔧 Temporary Workarounds

Disable vulnerable USB controllers (Linux)

Temporarily disable xHCI USB controllers if not needed.

echo 'blacklist xhci_hcd' > /etc/modprobe.d/blacklist-xhci.conf
reboot

🧯 If You Can't Patch

  • Restrict physical USB device access to trusted devices only.
  • Monitor system logs for kernel panic events related to USB commands.

🔍 How to Verify

Check if Vulnerable:

Compare the running kernel version against the patched commit, and check whether the xHCI driver is loaded.

Check Version:

uname -r

Verify Fix Applied:

Verify that the running kernel includes the fix commit; test with a USB device that previously triggered the issue.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • NULL pointer dereference errors in dmesg
  • USB command abortion logs

Network Indicators:

  • None - local vulnerability only

SIEM Query:

source="kernel" AND "NULL pointer dereference" AND "xhci"
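The SIEM query above matches both strings within a single event. In a real kernel oops the "NULL pointer dereference" line and the frame that names the xhci driver usually arrive as separate log lines, so a host-side check needs to correlate them across a short window. The script below is an added example (not part of this advisory and not kernel code): it runs that correlation over constructed dmesg-style lines and also checks whether the xHCI driver is active on the host. The function names, the window size, and the sample log lines (including the placeholder symbol names) are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the advisory. Correlates "NULL pointer dereference"
# lines with a following xhci frame inside a line window, which is what the
# advisory's single-event SIEM query approximates. All log lines below are
# constructed for illustration; symbol names are placeholders.

SAMPLE_OOPS='[   12.345678] usb 1-1: new high-speed USB device number 2 using xhci_hcd
[   40.001122] xhci_hcd 0000:00:14.0: Abort failed to stop command ring: -110
[   40.002233] BUG: kernel NULL pointer dereference, address: 0000000000000000
[   40.003344] Oops: 0000 [#1] PREEMPT SMP NOPTI
[   40.004455] RIP: 0010:xhci_placeholder_fn+0x1a/0x2b0 [xhci_hcd]
[   41.000000] systemd[1]: Started Session 1 of user root.'

# Constructed "clean" log: an xhci message and an unrelated oops far apart,
# which should not be flagged.
SAMPLE_CLEAN='[   12.345678] usb 1-1: new high-speed USB device number 2 using xhci_hcd
[  900.000000] BUG: kernel NULL pointer dereference, address: 0000000000000010
[  900.000001] RIP: 0010:other_driver_placeholder_fn+0x4/0x40 [placeholder_mod]'

# count_xhci_null_deref LOG [WINDOW]
# Prints the number of NULL-pointer oopses whose following WINDOW lines
# (default 25) mention xhci; writes one ALERT line per hit to stderr.
count_xhci_null_deref() {
    printf '%s\n' "$1" | awk -v window="${2:-25}" '
        /NULL pointer dereference/ { pending = NR; oops = $0 }
        pending && /xhci/ && (NR - pending) <= window {
            hits++
            print "ALERT: xhci-related NULL dereference at log line " pending ": " oops > "/dev/stderr"
            pending = 0
        }
        END { print hits + 0 }
    '
}

# xhci_active: exit 0 if the xHCI host driver is present on this host.
# Checks the sysfs driver directory as well as /proc/modules, because
# xhci_hcd is often built into the kernel and then never appears as a module.
xhci_active() {
    [ -d /sys/bus/pci/drivers/xhci_hcd ] && return 0
    [ -r /proc/modules ] && grep -q '^xhci_hcd ' /proc/modules
}

# Stand-alone run over the constructed samples.
echo "hits in constructed oops log:  $(count_xhci_null_deref "$SAMPLE_OOPS")"
echo "hits in constructed clean log: $(count_xhci_null_deref "$SAMPLE_CLEAN")"
if xhci_active; then
    echo "xHCI driver is active on this host; the advisory applies."
else
    echo "xHCI driver not found on this host."
fi
```

To run it against the live host instead of the samples, pipe `dmesg` into the function, e.g. `count_xhci_null_deref "$(dmesg)"`. The `xhci_active` check matters for the workaround section as well: when `xhci_hcd` is built into the kernel rather than loaded as a module, a modprobe blacklist entry has nothing to act on, so the sysfs check is the more reliable indicator of whether the driver is in use.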
