CVE-2024-58067

5.5 MEDIUM

📋 TL;DR

This CVE is a NULL pointer dereference in the Linux kernel's clock controller driver for the Marvell PXA1908 SoC (pxa1908-mpmu). An affected kernel can dereference a NULL pointer inside the driver, which oopses or panics the kernel and denies service; only kernels built with this driver are affected. Triggering it requires local access; nothing reaches the faulting code path from the network.
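The NULL pointer dereference in this driver comes from a mismatched error check: the probe path allocates with devm_kzalloc(), which returns NULL on failure, but tests the result with IS_ERR(), which is false for NULL, so an allocation failure falls straight through to a dereference. The following added example, written for this page and not taken from the driver, reproduces that check mismatch in plain userspace C with stand-ins for the kernel's ERR_PTR/IS_ERR/PTR_ERR helpers and a fault-injecting allocator. The struct and function names are hypothetical; only the shape of the check and its fix mirror the kernel code.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Userspace stand-ins for the kernel's error-pointer helpers from
 * <linux/err.h>, re-implemented here so the example compiles outside
 * the kernel. Same semantics: the top 4095 addresses encode -errno. */
#define MAX_ERRNO 4095

static inline void *ERR_PTR(long error) { return (void *)error; }
static inline long PTR_ERR(const void *ptr) { return (long)ptr; }
static inline int IS_ERR(const void *ptr)
{
    return (unsigned long)ptr >= (unsigned long)-MAX_ERRNO;
}

/* Hypothetical driver state; the field name is illustrative, not the
 * pxa1908-mpmu driver's own. */
struct clk_unit {
    int nclks;
};

/* Allocator hook standing in for devm_kzalloc(), which returns NULL
 * (never an error pointer) when it fails. */
typedef void *(*alloc_fn)(size_t size);

static void *alloc_ok(size_t size)   { return calloc(1, size); }
static void *alloc_fail(size_t size) { (void)size; return NULL; }

/* Vulnerable shape: the allocator's failure value is NULL, but the
 * check only recognises error pointers. IS_ERR(NULL) is false, so NULL
 * passes the check and the next statement dereferences it (kernel oops).
 * Never call this with alloc_fail: it would crash, exactly like the bug. */
static int probe_vulnerable(alloc_fn alloc)
{
    struct clk_unit *unit = alloc(sizeof(*unit));

    if (IS_ERR(unit))
        return (int)PTR_ERR(unit);   /* dead branch for a NULL-returning allocator */

    unit->nclks = 0;                 /* NULL dereference on allocation failure */
    free(unit);
    return 0;
}

/* Fixed shape: test for the value the allocator actually returns on
 * failure and report -ENOMEM, as kernel convention requires. */
static int probe_fixed(alloc_fn alloc)
{
    struct clk_unit *unit = alloc(sizeof(*unit));

    if (!unit)
        return -ENOMEM;

    unit->nclks = 0;
    free(unit);
    return 0;
}

/* 1 if the predicate lets a given pointer through to the dereference,
 * 0 if it rejects it. Makes the NULL vs error-pointer gap explicit. */
static int vulnerable_check_lets_through(const void *p) { return !IS_ERR(p); }
static int fixed_check_lets_through(const void *p)      { return p != NULL; }

int main(void)
{
    printf("IS_ERR(NULL)             = %d\n", IS_ERR(NULL));
    printf("IS_ERR(ERR_PTR(-EINVAL)) = %d\n", IS_ERR(ERR_PTR(-EINVAL)));
    printf("vulnerable check lets NULL through: %d\n",
           vulnerable_check_lets_through(NULL));
    printf("fixed check lets NULL through:      %d\n",
           fixed_check_lets_through(NULL));
    printf("probe_fixed with failing allocator: %d (-ENOMEM = %d)\n",
           probe_fixed(alloc_fail), -ENOMEM);
    printf("probe_fixed with working allocator: %d\n", probe_fixed(alloc_ok));
    printf("probe_vulnerable with working allocator: %d\n",
           probe_vulnerable(alloc_ok));
    return 0;
}
```

The rule the example encodes is the one reviewers apply when auditing allocation checks: match the predicate to the function's documented failure value. Functions that return NULL need a NULL test; functions that return error pointers need IS_ERR(); a wrong pairing is silent until memory pressure or fault injection makes the allocation fail.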

💻 Affected Systems

Products:
  • Linux kernel
Versions: Kernel builds that include the pxa1908-mpmu clock driver without either fix commit listed under Official Fix
Operating Systems: Linux distributions and embedded images using affected kernel versions
Default Config Vulnerable: ⚠️ Yes, on kernels built with PXA1908 support
Notes: Only kernels with PXA1908 processor support enabled in their configuration contain this driver. General-purpose distribution kernels typically do not enable it; embedded and ARM64 builds targeting this SoC are the ones to check.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic causing a system crash and denial of service; unsaved in-memory data is lost and any service the device provides is interrupted until it is rebooted.

🟠

Likely Case

Local denial of service through kernel panic, requiring system reboot to recover.

🟢

If Mitigated

Minimal impact with proper access controls preventing local user exploitation.

🌐 Internet-Facing: LOW - Requires local access to exploit, not directly reachable from network.
🏢 Internal Only: MEDIUM - Local users or processes could trigger denial of service affecting system availability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and a way to reach the affected code path in the clock driver. No public exploit code has been identified.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Any kernel that includes fix commit 0869a7b2afdfcdd2beb0a5fb683119bcf39c0e9d or 7def56f841af22e07977e193eea002e085facbdb (the same fix as it appears in different kernel trees)

Vendor Advisory: https://git.kernel.org/stable/c/0869a7b2afdfcdd2beb0a5fb683119bcf39c0e9d

Restart Required: Yes

Instructions:

1. Update to a patched kernel from your distribution vendor.
2. If you build your own kernel, move to a release that contains one of the fix commits, or cherry-pick the fix into your tree and rebuild.
3. Reboot so the new kernel is loaded; the fix is in the kernel image and does not take effect until then.

🔧 Temporary Workarounds

Disable the PXA1908 clock driver module

Prevent loading of the vulnerable driver if it is not needed. This only helps when the driver was built as a loadable module: clock controller drivers of this kind are commonly built into the kernel image, in which case blacklisting has no effect and the driver can only be removed by disabling it in the kernel configuration and rebuilding. Check whether it appears in the loaded module list before relying on this. Note also that unloading a clock controller on hardware that depends on it will stop the clocks for downstream devices, so this workaround is only viable where the SoC support is genuinely unused.

echo 'blacklist pxa1908-mpmu' >> /etc/modprobe.d/blacklist.conf
rmmod pxa1908-mpmu

🧯 If You Can't Patch

  • Restrict local user access to prevent exploitation
  • Implement monitoring for kernel panic events and system crashes

🔍 How to Verify

Check if Vulnerable:

Check whether the running kernel was built with PXA1908 support and record its version (on embedded systems that do not ship /boot/config-*, read the kernel's own exported configuration from /proc/config.gz instead, if enabled): grep -i pxa1908 /boot/config-$(uname -r) && uname -r

Check Version:

uname -r

Verify Fix Applied:

Confirm the kernel version is updated, then, in a git checkout of the kernel source that matches the running kernel, check that one of the fix commits is present (this works only against a source tree, not a running system; for vendor kernels, check the distribution changelog for the CVE ID instead): git log --format='%H %s' | grep -E '^(0869a7b2afdf|7def56f841af)'

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic or Oops messages in /var/log/kern.log or dmesg; a full panic usually prevents the message from reaching on-disk logs, so capture it via serial console, netconsole, pstore or kdump
  • Unexpected system crash/reboot events on affected devices

Network Indicators:

  • None - local exploitation only

SIEM Query:

source="kern.log" AND ("kernel panic" OR "Oops")
