CVE-2024-57904
Published: 19 January 2025
Summary
CVE-2024-57904 is a high-severity vulnerability, of unspecified weakness type, in the Linux kernel. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 2.1 percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2024-57904 is a vulnerability in the Linux kernel's Industrial I/O (IIO) ADC AT91 driver, specifically within the at91_ts_register() function. The issue arises because the current implementation calls input_free_device() on st->ts_input during error handling, but the error label (err) can be reached before the allocated iio_dev is assigned to st->ts_input. This leads to improper cleanup of the input device. The vulnerability carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
A local attacker with low privileges can exploit this vulnerability with low attack complexity and no user interaction required. Successful exploitation allows high-impact consequences, including unauthorized disclosure of information, modification of data, and denial of service through potential memory corruption or crashes stemming from the mishandled device freeing.
Mitigation involves applying the patches from the referenced kernel stable commits, such as https://git.kernel.org/stable/c/028a1ba8e3bae593d701aee4f690ce7c195b67d6 and others listed, which correct the input_free_device() call to target the local 'input' variable instead of st->ts_input on the error path. Security practitioners should update affected Linux kernel versions accordingly.
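The error path described above, as a simplified user-space C model added here for illustration (it is not the kernel driver's source). The stand-in types, `model_*` names and the `fail_at` and `patched` parameters are hypothetical, and the model assumes `st->ts_input` is NULL until assigned and that freeing NULL does nothing; it counts devices still allocated after a failed registration, before and after the fix.

```c
#include <stdio.h>
#include <stdlib.h>

/* Stand-in types for this user-space model; not the kernel's definitions. */
struct input_dev { int unused; };
struct adc_state { struct input_dev *ts_input; };
static int live_inputs; /* devices allocated and not yet freed */

/* Assumption: like free(), freeing a NULL device does nothing. */
static void model_free(struct input_dev *d)
{
    if (!d) return;
    live_inputs--;
    free(d);
}

/* fail_at: 1 = error before st->ts_input is set, 2 = error after it is set. */
static int model_ts_register(struct adc_state *st, int fail_at, int patched)
{
    struct input_dev *input = calloc(1, sizeof(*input)); /* models the allocation */
    int ret = 0;
    if (!input) return -1;
    live_inputs++;
    if (fail_at == 1) { ret = -2; goto err; }
    st->ts_input = input;
    if (fail_at == 2) { ret = -3; goto err; }
    return ret;
err:
    /* Before the fix the label frees st->ts_input; after it, the local. */
    model_free(patched ? input : st->ts_input);
    return ret;
}

/* Devices still allocated after one failed registration attempt. */
static int leaked_after_failure(int fail_at, int patched)
{
    struct adc_state st = { 0 }; /* assumption: ts_input starts NULL */
    live_inputs = 0;
    model_ts_register(&st, fail_at, patched);
    return live_inputs;
}

int main(void)
{
    printf("early failure leaves allocated: before fix %d, after fix %d\n",
           leaked_after_failure(1, 0), leaked_after_failure(1, 1));
    return 0;
}
```

In the model, only the early failure distinguishes the two versions: once `st->ts_input` has been assigned, both expressions name the same object.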
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-53807
Vulnerability details
In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91: call input_free_device() on allocated iio_dev Current implementation of at91_ts_register() calls input_free_device() on st->ts_input, however, the err label can be reached before the allocated iio_dev is stored to st->ts_input. Thus call input_free_device() on input instead of st->ts_input.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Local kernel memory corruption bug directly enables privilege escalation via exploitation of the driver flaw.
Mitigating Controls (NIST 800-53 r5)
Directly remediates the improper input device cleanup flaw in the AT91 driver by requiring timely patching of the Linux kernel vulnerability.
Vulnerability scanning identifies the presence of CVE-2024-57904 in affected Linux kernel versions for prioritization of remediation.
Memory protection mechanisms mitigate potential exploitation of the mishandled device freeing leading to corruption or crashes.