CVE-2024-58052
📋 TL;DR
This CVE describes a NULL pointer dereference vulnerability in the AMD GPU driver for Linux kernel. The vulnerability could allow an attacker with local access to cause a kernel panic or system crash by triggering a specific function call. It primarily affects systems with AMD Polaris GPUs running vulnerable Linux kernel versions.
💻 Affected Systems
- Linux kernel with AMD GPU driver (amdgpu)
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Local privilege escalation leading to kernel panic, system crash, or potential arbitrary code execution in kernel context.
Likely Case
Denial of service through kernel panic or system crash when the vulnerable function is triggered by a local user.
If Mitigated
Minimal impact with proper access controls limiting local user access and kernel hardening features enabled.
🎯 Exploit Status
Exploitation requires local access and knowledge of how to trigger the vulnerable function. The vulnerability is in a specific GPU driver function that may not be easily reachable.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Linux kernel versions containing the fix commits: 0b97cd8a61b2b40fd73cf92a4bb2256462d22adb, 2396bc91935c6da0588ce07850d07897974bd350, 357445e28ff004d7f10967aa93ddb4bffa5c3688, 396350adf0e5ad4bf05f01e4d79bfb82f0f6c41a, 6a30634a2e0f1dd3c6b39fd0f114c32893a9907a
Vendor Advisory: https://git.kernel.org/stable/c/0b97cd8a61b2b40fd73cf92a4bb2256462d22adb
Restart Required: Yes
Instructions:
1. Update Linux kernel to a version containing the fix commits. 2. For distributions: Use package manager (apt/yum/dnf) to update kernel packages. 3. Reboot system to load new kernel.
🔧 Temporary Workarounds
Disable amdgpu driver
linuxPrevent loading of the vulnerable AMD GPU driver module
echo 'blacklist amdgpu' >> /etc/modprobe.d/blacklist-amdgpu.conf
update-initramfs -u
reboot
Use nomodeset kernel parameter
linuxDisable kernel mode setting which may prevent the vulnerable code path
Add 'nomodeset' to GRUB_CMDLINE_LINUX_DEFAULT in /etc/default/grub
update-grub
reboot
🧯 If You Can't Patch
- Restrict local user access to systems with AMD Polaris GPUs
- Implement kernel hardening features like KASLR and SMEP/SMAP
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if amdgpu module is loaded: 'uname -r' and 'lsmod | grep amdgpu'Check Version:
uname -rVerify Fix Applied:
Verify kernel version is updated and contains the fix commits: 'uname -r' and check kernel changelog📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages in /var/log/kern.log or dmesg
- GPU driver crash logs
- System crash/reboot events
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("panic" OR "Oops" OR "NULL pointer dereference") AND "amdgpu"🔗 References
- https://git.kernel.org/stable/c/0b97cd8a61b2b40fd73cf92a4bb2256462d22adb
- https://git.kernel.org/stable/c/2396bc91935c6da0588ce07850d07897974bd350
- https://git.kernel.org/stable/c/357445e28ff004d7f10967aa93ddb4bffa5c3688
- https://git.kernel.org/stable/c/396350adf0e5ad4bf05f01e4d79bfb82f0f6c41a
- https://git.kernel.org/stable/c/6a30634a2e0f1dd3c6b39fd0f114c32893a9907a
- https://git.kernel.org/stable/c/a713ba7167c2d74c477dd7764dbbdbe3199f17f4
- https://git.kernel.org/stable/c/ae522ad211ec4b72eaf742b25f24b0a406afcba1
- https://git.kernel.org/stable/c/c47066ed7c8f3b320ef87fa6217a2b8b24e127cc
- https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html
- https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html
