Login Sign Up

CVE-2024-58017

5.5 MEDIUM
Denial of Service

📋 TL;DR

This CVE addresses a signed integer overflow vulnerability in the Linux kernel's printk subsystem when defining LOG_BUF_LEN_MAX. The vulnerability could potentially lead to undefined behavior or kernel instability. All systems running affected Linux kernel versions are impacted.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not explicitly stated in CVE, but patches are available in stable kernel trees
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: All configurations using the affected kernel code are vulnerable as this is a compile-time issue in kernel source.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel crash or instability leading to denial of service, potentially allowing privilege escalation if combined with other vulnerabilities.

🟠

Likely Case

System instability or kernel panic under specific conditions when the overflow triggers undefined behavior.

🟢

If Mitigated

Minimal impact as this is a defensive fix for undefined behavior that may not be reliably exploitable.

🌐 Internet-Facing: LOW - This is a kernel-level issue not directly exposed to network interfaces.
🏢 Internal Only: MEDIUM - Affects system stability but requires local access or ability to trigger the specific code path.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation would require triggering the specific signed integer overflow during kernel compilation or runtime, which is challenging and may not lead to reliable exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patches available in stable kernel trees (commits referenced in CVE)

Vendor Advisory: https://git.kernel.org/stable/c/3d6f83df8ff2d5de84b50377e4f0d45e25311c7a

Restart Required: Yes

Instructions:

1. Update to a patched kernel version from your distribution's repositories. 2. Recompile kernel if using custom build. 3. Reboot system to load new kernel.

🔧 Temporary Workarounds

No effective workaround

linux

This is a kernel source code issue that requires patching

🧯 If You Can't Patch

  • Monitor system logs for kernel panics or instability
  • Implement strict access controls to limit who can trigger kernel operations

🔍 How to Verify

Check if Vulnerable:

Check kernel version and compare with patched versions from distribution vendor

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version after update matches patched version from vendor

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • System instability logs
  • Unexpected reboots

SIEM Query:

source="kernel" AND ("panic" OR "Oops" OR "BUG")

📊 Metadata

CVE ID: CVE-2024-58017
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-190
EPSS Score: 0.05% exploit probability (13.8th percentile)
Published: February 27, 2025
Last Updated: November 3, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-58017, you might also want to check these:

CVE-2025-64721 10.0

This vulnerability in Sandboxie allows sandboxed processes to exploit an integer overflow in the Sbi...

Same vulnerability type (CWE-190)
CVE-2025-52581 9.8

An integer overflow vulnerability in libbiosig's GDF file parsing allows arbitrary code execution wh...

Same vulnerability type (CWE-190)
CVE-2025-53518 9.8

An integer overflow vulnerability in libbiosig's ABF file parser allows arbitrary code execution whe...

Same vulnerability type (CWE-190)