Thursday, May 1, 2025
Homecyber securityLinux Kernal Vulnerability Let Attackers Bypass CPU & Gain Read/Write Access

Linux Kernal Vulnerability Let Attackers Bypass CPU & Gain Read/Write Access

Published on

SIEM as a Service

Follow Us on Google News

Researchers have uncovered a critical vulnerability within the Linux kernel’s dmam_free_coherent() function.

This flaw, identified as CVE-2024-43856, stems from a race condition caused by the improper order of operations when freeing Direct Memory Access (DMA) allocations and managing associated resources.

The vulnerability poses a significant risk, as it could allow attackers to bypass CPU protections and gain unauthorized read/write access to system memory.

- Advertisement - Google News

Understanding the Vulnerability

DMA is a crucial mechanism that enables hardware devices to transfer data directly to and from system memory without CPU involvement, enhancing performance.

Free Webinar on Detecting & Blocking Supply Chain Attack -> Book your Spot

The dmam_free_coherent() function frees a DMA allocation and removes the associated data structure used to track it. However, a flaw in this process could lead to system instabilities, data corruption, unexpected behavior, or even crashes.

The vulnerability arises from a race condition where a concurrent task could allocate memory with the same virtual address and add it to the tracking list before removing the original entry.

If exploited, this could result in the devres_destroy function freeing the wrong entry, triggering a WARN_ON assertion in the dmam_match function.

This scenario could allow attackers to manipulate memory allocations, potentially leading to severe security breaches.

The Patch – CVE-2024-43856

In response to this vulnerability, a new patch has been committed to the Linux kernel by Greg Kroah-Hartman.

Lance Richardson from Google authored the patch, which modifies the dmam_free_coherent () function to address a bug in DMA allocation handling.

The solution involves swapping the order of function calls to ensure the tracking data structure is destroyed using devres_destroy before the DMA allocation is freed with dma_free_coherent.

This change prevents the possibility of a concurrent task interfering with the cleanup process.

The patch has undergone testing on Google’s internal “kokonut” network encryption project. It has been signed off by Christoph Hellwig and Sasha Levin, indicating its readiness for inclusion in the mainline Linux kernel.

This proactive measure highlights the developer community’s ongoing efforts to identify and rectify potential bugs, ensuring a more stable and reliable operating system for users worldwide.

While exploiting the dmam_free_coherent() vulnerability to write arbitrary data into CPU memory would be complex and highly dependent on specific system configurations, the patch provides a crucial safeguard against potential attacks.

As the Linux kernel continues to evolve and power a vast array of devices, addressing vulnerabilities like CVE-2024-43856 is essential to maintaining the security and integrity of systems globally.

This case underscores the importance of vigilance and collaboration within the open-source community to protect against emerging threats.

Are you from SOC and DFIR Teams? Analyse Malware Incidents & get live Access with ANY.RUN -> Get 14 Days Free Access

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Managing Shadow IT Risks – CISO’s Practical Toolkit

Managing Shadow IT risks has become a critical challenge for Chief Information Security Officers...

Application Security in 2025 – CISO’s Priority Guide

Application security in 2025 has become a defining concern for every Chief Information Security...

Preparing for Quantum Cybersecurity Risks – CISO Insights

Quantum cybersecurity risks represent a paradigm shift in cybersecurity, demanding immediate attention from Chief...

Securing Digital Transformation – CISO’s Resource Hub

In today’s hyper-connected world, securing digital transformation is a technological upgrade and a fundamental...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Netgear EX6200 Flaw Enables Remote Access and Data Theft

Security researchers have disclosed three critical vulnerabilities in the Netgear EX6200 Wi-Fi range extender...

Tesla Model 3 VCSEC Vulnerability Lets Hackers Run Arbitrary Code

A high security flaw in Tesla’s Model 3 vehicles, disclosed at the 2025 Pwn2Own...

Apache ActiveMQ Vulnerability Lets Remote Hackers Execute Arbitrary Code

A high vulnerability in Apache ActiveMQ’s .NET Message Service (NMS) library has been uncovered,...