
CVE-2024-46745: Vulnerability in the Linux kernel

Medium
Published: Wed Sep 18 2024 (09/18/2024, 07:12:05 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

Input: uinput - reject requests with unreasonable number of slots

When exercising uinput interface syzkaller may try setting up device with a really large number of slots, which causes memory allocation failure in input_mt_init_slots(). While this allocation failure is handled properly and request is rejected, it results in syzkaller reports. Additionally, such request may put undue burden on the system which will try to free a lot of memory for a bogus request.

Fix it by limiting allowed number of slots to 100. This can easily be extended if we see devices that can track more than 100 contacts.

AI-Powered Analysis

Last updated: 06/29/2025, 01:11:09 UTC

Technical Analysis

CVE-2024-46745 is a vulnerability identified in the Linux kernel's uinput interface, specifically related to the handling of multitouch input slots. The uinput subsystem allows user-space applications to create and handle input devices. The vulnerability arises when an attacker or a fuzzing tool such as syzkaller attempts to create a device with an unreasonably large number of multitouch slots. The function input_mt_init_slots() is responsible for allocating memory for these slots. When an excessively large number of slots is requested, the kernel attempts to allocate a large amount of memory, which leads to allocation failure. Although the kernel properly handles this failure by rejecting the request, the process results in unnecessary system resource consumption and potential instability due to the overhead of managing and freeing large memory allocations for bogus requests. The fix implemented limits the maximum number of allowed slots to 100, which prevents excessive memory allocation and mitigates the risk of resource exhaustion. This limit can be adjusted in the future if legitimate devices require tracking more than 100 contacts. The vulnerability does not appear to allow for privilege escalation or arbitrary code execution directly, but it can cause denial of service conditions by burdening system resources. No known exploits are currently reported in the wild, and no CVSS score has been assigned yet.

Potential Impact

For European organizations, the impact of CVE-2024-46745 primarily concerns systems running Linux kernels that include the vulnerable uinput implementation. Many enterprise environments, cloud providers, and embedded systems in Europe rely on Linux, making this vulnerability relevant. The main risk is a denial of service (DoS) scenario where an attacker or a fuzzing tool could cause excessive memory allocation attempts, leading to system instability or degraded performance. This could affect critical infrastructure, industrial control systems, or servers that rely on multitouch input devices or expose the uinput interface to untrusted users. Although the vulnerability requires interaction with the uinput interface, which is typically restricted, misconfigured systems or those with exposed interfaces could be targeted. The impact on confidentiality and integrity is minimal, but availability could be compromised, potentially disrupting business operations or service availability. Given the widespread use of Linux in European data centers, telecommunications, and government systems, organizations should prioritize patching to maintain system reliability and prevent potential service interruptions.

Mitigation Recommendations

To mitigate CVE-2024-46745, European organizations should:

1) Apply the latest Linux kernel patches that enforce the slot limit of 100 in the uinput subsystem. This is the definitive fix preventing excessive memory allocation.
2) Restrict access to the uinput interface by enforcing strict permissions and limiting which users or processes can create input devices. This reduces the attack surface by preventing unprivileged users from exploiting the vulnerability.
3) Monitor system logs and resource usage for unusual activity related to input device creation or memory allocation failures, which could indicate attempted exploitation or fuzzing.
4) Employ kernel hardening and security modules (e.g., SELinux, AppArmor) to further restrict access to kernel interfaces.
5) For embedded or IoT devices running Linux, ensure firmware updates include this patch and validate device configurations to avoid exposing uinput unnecessarily.
6) Conduct regular vulnerability assessments and penetration testing to detect potential misconfigurations or exposures of the uinput interface.

These steps go beyond generic advice by focusing on access control, monitoring, and patch management specifically tailored to the nature of this vulnerability.
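One way to check recommendation 2 on a host, as an added example that is not part of the CVE record or the kernel project: the script reports who can open the uinput device node for writing, from both the mode bits and any named ACL entries. The function name `audit_uinput_node` and the default path `/dev/uinput` are assumptions of this example, and `stat -c` assumes GNU coreutils or busybox.

```shell
#!/bin/sh
# Added example: report who can open a uinput device node for writing.
# audit_uinput_node is a hypothetical helper name, not part of any tool.
# Returns 0 = not world-writable, 1 = world-writable, 2 = node absent.
audit_uinput_node() {
    node=${1:-/dev/uinput}   # default path is an assumption
    if [ ! -e "$node" ]; then
        echo "INFO  $node absent (uinput not built or module not loaded)"
        return 2
    fi
    # GNU/busybox stat: %a = octal mode, %U = owner, %G = group
    set -- $(stat -c '%a %U %G' "$node")
    mode=$1 owner=$2 group=$3
    rc=0
    echo "INFO  $node mode=$mode owner=$owner group=$group"
    if [ $(( 0$mode & 0002 )) -ne 0 ]; then
        echo "FAIL  world-writable: any local user can create input devices"
        rc=1
    fi
    if [ $(( 0$mode & 0020 )) -ne 0 ] && [ "$group" != root ]; then
        echo "REVIEW group '$group' can write; check its membership"
    fi
    if [ $(( 0$mode & 0200 )) -ne 0 ] && [ "$owner" != root ]; then
        echo "REVIEW non-root owner '$owner' can write"
    fi
    # Named ACL entries are not reflected in the mode bits, so list them too.
    if command -v getfacl >/dev/null 2>&1; then
        getfacl -cp "$node" 2>/dev/null |
            grep -E '^(user|group):[^:]+:.w' |
            sed 's/^/REVIEW ACL grants write: /'
    fi
    return $rc
}

# Audit the path given as the first argument, or /dev/uinput by default.
audit_uinput_node "$@" || echo "INFO  audit exit status: $?"
```

REVIEW lines are not failures on their own: they name the group, owner or ACL entry whose membership decides whether unprivileged users can reach the interface.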


Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2024-09-11T15:12:18.266Z
Cisa Enriched: true
Cvss Version: null
State: PUBLISHED

Threat ID: 682d9826c4522896dcbe118d

Added to database: 5/21/2025, 9:08:54 AM

Last enriched: 6/29/2025, 1:11:09 AM

Last updated: 7/30/2025, 9:22:38 PM
