CVE-2024-58007

7.1 HIGH

📋 TL;DR

This vulnerability in the Linux kernel's Qualcomm SOC info driver allows an out-of-bounds read of memory when accessing the serial number on MSM8916 devices. It affects Linux systems running on Qualcomm MSM8916 hardware. The issue occurs because bounds checking incorrectly compares the start offset rather than the end offset of the serial number field.
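The start-versus-end comparison described above, as an added C example. It is not the kernel's driver code: the struct layout, function names, item size and byte values are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed, simplified layout; NOT the kernel's struct socinfo. */
struct demo_socinfo {
    uint32_t fmt, id, ver;
    uint32_t serial_num; /* missing from the older, shorter item format */
};

#define SERIAL_START offsetof(struct demo_socinfo, serial_num)
#define SERIAL_END   (SERIAL_START + sizeof(uint32_t))
#define OLD_ITEM_SIZE 12u /* constructed: item ends where serial_num would begin */

/* Constructed region: a 12-byte item followed by 4 unrelated bytes. */
static const uint8_t region[16] = {
    8, 0, 0, 0,  206, 0, 0, 0,  1, 0, 0, 0,
    0xde, 0xad, 0xbe, 0xef /* stands in for whatever follows the item */
};

/* Flawed: accepts the field if only its START offset is inside the item. */
int serial_present_start_check(size_t item_size)
{
    return SERIAL_START <= item_size;
}

/* Corrected: the END of the field must be inside the item. */
int serial_present_end_check(size_t item_size)
{
    return SERIAL_END <= item_size;
}

/* Returns 1 and stores the field if the given check allows the read. */
int read_serial(int (*check)(size_t), size_t item_size, uint32_t *out)
{
    if (!check(item_size))
        return 0;
    memcpy(out, region + SERIAL_START, sizeof(*out));
    return 1;
}

int main(void)
{
    uint32_t v = 0;
    printf("start check: read=%d\n", read_serial(serial_present_start_check, OLD_ITEM_SIZE, &v));
    printf("end check:   read=%d\n", read_serial(serial_present_end_check, OLD_ITEM_SIZE, &v));
    return 0;
}
```

With the start-offset check, the 12-byte item passes and the four bytes after it are returned as the "serial number", which is why the value is constant across devices; the end-offset check rejects the same item.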

💻 Affected Systems

Products:
  • Linux kernel with Qualcomm SOC info driver
Versions: Linux kernel versions before the fix commits
Operating Systems: Linux distributions running on Qualcomm MSM8916 hardware
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with Qualcomm MSM8916 SOC and SOCINFO_VERSION(0, 8) firmware. The serial number is always reported as 2644893864 on vulnerable systems.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case

Information disclosure of kernel memory contents, potentially exposing sensitive data or memory layout that could aid further exploitation.

🟠 Likely Case

Exposure of a constant, incorrect serial number (2644893864) on affected devices, with potential for reading random memory contents beyond the socinfo struct.

🟢 If Mitigated

No serial number exposure on MSM8916 devices, preventing information disclosure.

🌐 Internet-Facing: LOW - Requires local access to sysfs interface.
🏢 Internal Only: MEDIUM - Local users or processes can read kernel memory, potentially aiding privilege escalation.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access to read /sys/devices/soc0/serial_number. The vulnerability is an information disclosure rather than code execution.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Linux kernel with commit 0a92feddae0634a0b87c04b19d343f6af97af700 or related stable backports

Vendor Advisory: https://git.kernel.org/stable/c/0a92feddae0634a0b87c04b19d343f6af97af700

Restart Required: No

Instructions:

1. Update Linux kernel to version containing the fix.
2. For embedded systems, update the kernel image.
3. No service restart required as it's a kernel driver fix.

🔧 Temporary Workarounds

Disable serial number access

all

Remove read permissions from the serial_number sysfs file. The mode change is not persistent, so reapply it after each reboot.

chmod 000 /sys/devices/soc0/serial_number

🧯 If You Can't Patch

  • Implement strict access controls to limit who can read sysfs files
  • Monitor for unusual access patterns to /sys/devices/soc0/serial_number

🔍 How to Verify

Check if Vulnerable:

Check if cat /sys/devices/soc0/serial_number returns 2644893864 on MSM8916 hardware

Check Version:

uname -r to check kernel version

Verify Fix Applied:

After patching, the serial number should either show the correct value or not be accessible on MSM8916

📡 Detection & Monitoring

Log Indicators:

  • Audit logs showing access to /sys/devices/soc0/serial_number

Network Indicators:

  • None - local vulnerability only

SIEM Query:

process.name=cat AND file.path=/sys/devices/soc0/serial_number
