CVE-2024-57993

5.5 MEDIUM

📋 TL;DR

This CVE describes a type mismatch vulnerability in the Linux kernel's hid-thrustmaster driver that could allow an attacker to trigger a kernel warning or potentially cause a denial of service. The issue affects Linux systems using Thrustmaster USB devices. Attackers with physical USB access or ability to connect malicious USB devices could exploit this vulnerability.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Linux kernel versions before the fix commits (specific versions vary by distribution)
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with Thrustmaster USB devices connected or when the hid-thrustmaster driver is loaded. Most Linux distributions include this driver by default.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case

Kernel panic or system crash leading to denial of service, potentially requiring physical reboot of affected systems.

🟠 Likely Case

Kernel warning messages in system logs and potential driver malfunction for Thrustmaster USB devices.

🟢 If Mitigated

Minor system instability or warning messages that don't affect overall system operation.

🌐 Internet-Facing: LOW - Requires physical USB access or local device connection, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Internal attackers with physical access to USB ports could potentially cause system instability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires physical USB access or ability to connect a malicious USB device. The vulnerability was discovered through fuzzing (syzkaller).

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 220883fba32549a34f0734e4859d07f4dcd56992, 50420d7c79c37a3efe4010ff9b1bb14bc61ebccf, 816e84602900f7f951458d743fa12769635ebfd5, ae730deded66150204c494282969bfa98dc3ae67, e5bcae4212a6a4b4204f46a1b8bcba08909d2007

Vendor Advisory: https://git.kernel.org/stable/c/220883fba32549a34f0734e4859d07f4dcd56992

Restart Required: Yes

Instructions:

1. Update the Linux kernel to a version containing the fix commits.
2. Check your distribution's security advisories for the specific patched kernel versions.
3. Reboot the system after the kernel update.

🔧 Temporary Workarounds

Disable hid-thrustmaster driver

Platform: linux

Blacklist or prevent loading of the vulnerable hid-thrustmaster driver. Blacklisting only stops the module from being loaded automatically: a module that is already loaded stays loaded until it is unloaded or the system reboots. update-initramfs is the Debian/Ubuntu tool; other distributions regenerate the initramfs with their own equivalent.

echo 'blacklist hid-thrustmaster' >> /etc/modprobe.d/blacklist.conf
update-initramfs -u

Restrict USB device access

Platform: linux

Implement USB device authorization policies to prevent unauthorized USB connections, and configure udev rules to restrict which USB devices are accepted.

🧯 If You Can't Patch

  • Disconnect Thrustmaster USB devices from vulnerable systems
  • Implement physical security controls to prevent unauthorized USB device connections

🔍 How to Verify

Check if Vulnerable:

Check if hid-thrustmaster driver is loaded: lsmod | grep hid_thrustmaster

Check Version:

uname -r

Verify Fix Applied:

Check kernel version contains fix commits or verify driver loads without warnings in dmesg

📡 Detection & Monitoring

Log Indicators:

  • Kernel warning messages in dmesg or syslog related to hid-thrustmaster or USB endpoint mismatches
  • Driver loading errors for hid-thrustmaster

Network Indicators:

  • No network indicators - this is a local USB device vulnerability

SIEM Query:

source="kernel" AND ("hid-thrustmaster" OR "endpoint mismatch" OR "USB pipe")
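Added example, not part of this advisory or of the kernel project: a POSIX shell audit that applies the workaround, verification and detection checks above (module loaded, blacklist in place, USB authorization default, log indicators) as functions over text they receive, so they run against a live host or against the constructed samples at the bottom. The function names, the matching pattern and the sample lines are assumptions of mine, not output of the real driver.

```shell
# 0 if an lsmod listing shows the hid_thrustmaster module loaded.
tm_module_loaded() {
    printf '%s\n' "$1" | awk 'NR > 1 && $1 == "hid_thrustmaster" { f = 1 } END { exit !f }'
}

# 0 if a modprobe.d fragment blacklists the driver; modprobe treats '-'
# and '_' in module names as equivalent, so both spellings count.
tm_module_blacklisted() {
    printf '%s\n' "$1" | grep -Eq '^[[:space:]]*blacklist[[:space:]]+hid[-_]thrustmaster[[:space:]]*$'
}

# Print how many kernel log lines match the advisory's log indicators
# (driver name, "endpoint mismatch", "USB pipe"); prints 0 for none.
tm_log_hits() {
    printf '%s\n' "$1" | grep -Eic 'hid[-_]thrustmaster|endpoint mismatch|usb pipe' || true
}

# Run all checks against the current host and print one line per check.
tm_audit_host() {
    if tm_module_loaded "$(lsmod 2>/dev/null)"; then
        echo "module:    hid_thrustmaster loaded (unload it or reboot after blacklisting)"
    else
        echo "module:    hid_thrustmaster not loaded"
    fi
    if tm_module_blacklisted "$(cat /etc/modprobe.d/*.conf 2>/dev/null)"; then
        echo "blacklist: present in /etc/modprobe.d"
    else
        echo "blacklist: absent"
    fi
    # Per-controller USB authorization policy: 0 means newly attached
    # devices start deauthorized, the restrictive setting.
    for f in /sys/bus/usb/devices/usb*/authorized_default; do
        if [ -r "$f" ]; then echo "usb:       $f = $(cat "$f")"; fi
    done
    echo "kernel:    $(uname -r); indicator hits in dmesg: $(tm_log_hits "$(dmesg 2>/dev/null)")"
}

# Constructed sample inputs (not real captures) for exercising the checks.
SAMPLE_LSMOD='Module                  Size  Used by
hid_thrustmaster       20480  0
usbhid                 65536  0'
SAMPLE_MODPROBE='# local hardening
blacklist hid-thrustmaster'
SAMPLE_DMESG='[   12.1] usb 1-1: new full-speed USB device number 2 using xhci_hcd
[   12.5] hid-thrustmaster 0003:0000:0000.0001: USB pipe type mismatch on endpoint 1
[   13.0] random: crng init done'
```

Call tm_audit_host on the system under review (root is needed to read dmesg on many distributions); the SAMPLE_* strings only exist so the individual checks can be exercised without hardware.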
