CVE-2024-58014
📋 TL;DR
This CVE addresses an out-of-bounds read vulnerability in the brcmsmac WiFi driver in the Linux kernel. The vulnerability could allow local attackers to read kernel memory, potentially leading to information disclosure or system crashes. Systems using affected Linux kernel versions with the brcmsmac driver are at risk.
💻 Affected Systems
- Linux kernel with brcmsmac WiFi driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Local attacker gains kernel memory read access, potentially exposing sensitive information or causing kernel panic leading to denial of service.
Likely Case
Local user triggers kernel warning (WARN) leading to system instability or crash, requiring reboot.
If Mitigated
Kernel warning is triggered but system remains operational with proper error handling.
🎯 Exploit Status
Requires local access and knowledge of driver interaction; the upstream fix is described as compile-tested only.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patches available in stable kernel branches (see references)
Vendor Advisory: https://git.kernel.org/stable/c/093286c33409bf38896f2dab0c0bb6ca388afb33
Restart Required: Yes
Instructions:
1. Update the Linux kernel to a patched version
2. Reboot the system
3. Verify the kernel version and driver functionality
🔧 Temporary Workarounds
Disable brcmsmac driver
Blacklist or disable the vulnerable brcmsmac WiFi driver:
echo 'blacklist brcmsmac' >> /etc/modprobe.d/blacklist.conf
rmmod brcmsmac
The blacklist entry only stops the module from being loaded automatically at boot; rmmod removes it from the running kernel and fails while the module is still in use. Either step takes any WiFi interface served by brcmsmac offline.
🧯 If You Can't Patch
- Restrict local user access to systems with vulnerable driver
- Implement strict privilege separation and limit local user capabilities
🔍 How to Verify
Check if Vulnerable:
Check if brcmsmac driver is loaded: lsmod | grep brcmsmac
Check Version:
uname -r
Verify Fix Applied:
Check kernel version is patched and driver loads without errors in dmesg
📡 Detection & Monitoring
Log Indicators:
- Kernel WARN messages related to brcmsmac or wlc_phy_iqcal_gainparams_nphy
- System crashes or kernel panics
Network Indicators:
- Unusual WiFi driver behavior or disconnections
SIEM Query:
source="kernel" AND ("brcmsmac" OR "WARN" OR "out-of-bounds")
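As an added example (not part of the advisory), the following Python groups dmesg output into WARNING blocks and reports only those tied to brcmsmac, scoring a block "high" when the WARNING line names wlc_phy_iqcal_gainparams_nphy, the function the fix adds the range check to; unlike a bare "WARN" match it drops unrelated kernel warnings. The sample log is constructed: file names, PIDs, offsets and every function name other than the advisory's are placeholders.

```python
import re

# Indicators from the advisory: the driver module and the function in which the
# upstream fix turns a possible out-of-bounds table access into a WARN().
DRIVER, FUNC = "brcmsmac", "wlc_phy_iqcal_gainparams_nphy"
# Matches "[ts] WARNING: CPU: n PID: m at <file>:<line> <func>+0x<off>/0x<len>"
WARN_RE = re.compile(r"^\[\s*(?P<ts>\d+\.\d+)\]\s+WARNING: CPU: \d+ PID: (?P<pid>\d+)"
                     r" at \S+ (?P<func>[A-Za-z_]\w*)\+0x")

def _severity(block):
    # "high": the function named in the fix fired; "medium": another brcmsmac
    # WARN worth a look; "": unrelated kernel warning, dropped (bare WARN is noisy)
    text = " ".join(block)
    return "high" if FUNC in text else "medium" if DRIVER in text else ""

def scan_dmesg(text):
    """Group dmesg lines into WARNING blocks and keep those tied to brcmsmac."""
    findings, cur = [], None

    def flush():
        sev = _severity(cur["lines"]) if cur else ""
        if sev:
            findings.append({**cur, "severity": sev})

    for line in text.splitlines():
        body = line.split("]", 1)[-1].strip()  # drop the "[ts]" prefix
        m = WARN_RE.match(line)
        if m:
            flush()  # a new WARNING while one is still open: close the old block
            cur = {"ts": float(m["ts"]), "pid": int(m["pid"]), "func": m["func"], "lines": [body]}
        elif cur is not None:
            cur["lines"].append(body)
            if "end trace" in body:
                flush()
                cur = None
    flush()  # log cut off mid-trace: still report the open block
    return findings

# Constructed dmesg excerpt (not a real capture): offsets, PIDs, file names and
# every function other than FUNC are placeholders; the last block is unterminated.
SAMPLE_DMESG = """\
[  123.456801] WARNING: CPU: 1 PID: 742 at FILE.c:0 wlc_phy_iqcal_gainparams_nphy+0x0/0x0 [brcmsmac]
[  123.456820] Call Trace:
[  123.456825]  placeholder_caller+0x0/0x0 [brcmsmac]
[  123.456840] ---[ end trace 0000000000000000 ]---
[  250.000000] WARNING: CPU: 0 PID: 1 at OTHER.c:0 unrelated_func+0x0/0x0
[  250.000030] ---[ end trace 0000000000000000 ]---
[  300.000000] WARNING: CPU: 2 PID: 900 at FILE.c:0 placeholder_other+0x0/0x0 [brcmsmac]
[  300.000010] Call Trace:
"""
```

Run `scan_dmesg(open("/var/log/dmesg").read())` or pipe `dmesg` output into it on a host where the driver is loaded; each finding carries the timestamp, PID and trace lines for triage.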
🔗 References
- https://git.kernel.org/stable/c/093286c33409bf38896f2dab0c0bb6ca388afb33
- https://git.kernel.org/stable/c/0a457223cb2b9ca46bae7de387d0f4c093b0220d
- https://git.kernel.org/stable/c/13ef16c4fe384b1e70277bbe1d87934ee6c81e12
- https://git.kernel.org/stable/c/3f4a0948c3524ae50f166dbc6572a3296b014e62
- https://git.kernel.org/stable/c/6f6e293246dc1f5b2b6b3d0f2d757598489cda79
- https://git.kernel.org/stable/c/ada9df08b3ef683507e75b92f522fb659260147f
- https://git.kernel.org/stable/c/c27ce584d274f6ad3cba2294497de824a3c66646
- https://git.kernel.org/stable/c/d280a12e9b87819a8a209639d600b48a2d6d65dc
- https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html
- https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html