CVE-2024-58055
📋 TL;DR
This CVE describes a double-free vulnerability in the Linux kernel's USB gadget f_tcm driver. An attacker could potentially cause a kernel crash or execute arbitrary code by exploiting improper memory management during USB storage emulation. Systems using USB gadget functionality with the f_tcm driver are affected.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash, or potential arbitrary code execution with kernel privileges resulting in complete system compromise.
Likely Case
System instability, kernel crashes, or denial of service affecting USB gadget functionality.
If Mitigated
Limited impact if USB gadget functionality is disabled or not in use.
🎯 Exploit Status
Requires local access or ability to interact with USB gadget interface. Memory corruption vulnerabilities can be challenging to exploit reliably.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patches available in stable kernel trees (see references)
Vendor Advisory: https://git.kernel.org/stable/c/16907219ad6763f401700e1b57b2da4f3e07f047
Restart Required: Yes
Instructions:
1. Update to a patched kernel version from your distribution's repositories. 2. Reboot the system to load the new kernel.
🔧 Temporary Workarounds
Disable USB gadget functionality
LinuxIf USB gadget functionality is not required, disable it to eliminate the attack surface.
modprobe -r g_tcm
echo 'blacklist g_tcm' > /etc/modprobe.d/disable-g_tcm.conf
🧯 If You Can't Patch
- Restrict physical access to USB ports
- Implement strict access controls to prevent unauthorized users from interacting with USB gadget interfaces
🔍 How to Verify
Check if Vulnerable:
Check if the f_tcm module is loaded: lsmod | grep tcmCheck Version:
uname -rVerify Fix Applied:
Check kernel version after update and verify f_tcm module functions without crashes during USB storage operations.📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- USB-related error messages in dmesg
- System crashes during USB operations
Network Indicators:
- None - this is a local vulnerability
SIEM Query:
Search for kernel panic events or USB driver error messages in system logs.🔗 References
- https://git.kernel.org/stable/c/16907219ad6763f401700e1b57b2da4f3e07f047
- https://git.kernel.org/stable/c/38229c35a6d7875697dfb293356407330cfcd23e
- https://git.kernel.org/stable/c/7cb72dc08ed8da60fd6d1f6adf13bf0e6ee0f694
- https://git.kernel.org/stable/c/929b69810eec132b284ffd19047a85d961df9e4d
- https://git.kernel.org/stable/c/bbb7f49839b57d66ccaf7b5752d9b63d3031dd0a
- https://git.kernel.org/stable/c/c225d006a31949d673e646d585d9569bc28feeb9
- https://git.kernel.org/stable/c/e6693595bd1b55af62d057a4136a89d5c2ddf0e9
- https://git.kernel.org/stable/c/f0c33e7d387ccbb6870e73a43c558fefede06614
- https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html
- https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html
