
CVE-2024-50107: Vulnerability in Linux Linux

Medium
Published: Tue Nov 05 2024 (11/05/2024, 17:10:41 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

platform/x86/intel/pmc: Fix pmc_core_iounmap to call iounmap for valid addresses

Commit 50c6dbdfd16e ("x86/ioremap: Improve iounmap() address range checks") introduces a WARN when address ranges of iounmap are invalid. On Thinkpad P1 Gen 7 (Meteor Lake-P) this caused the following warning to appear:

WARNING: CPU: 7 PID: 713 at arch/x86/mm/ioremap.c:461 iounmap+0x58/0x1f0
Modules linked in: rfkill(+) snd_timer(+) fjes(+) snd soundcore intel_pmc_core(+) int3403_thermal(+) int340x_thermal_zone intel_vsec pmt_telemetry acpi_pad pmt_class acpi_tad int3400_thermal acpi_thermal_rel joydev loop nfnetlink zram xe drm_suballoc_helper nouveau i915 mxm_wmi drm_ttm_helper gpu_sched drm_gpuvm drm_exec drm_buddy i2c_algo_bit crct10dif_pclmul crc32_pclmul ttm crc32c_intel polyval_clmulni rtsx_pci_sdmmc ucsi_acpi polyval_generic mmc_core hid_multitouch drm_display_helper ghash_clmulni_intel typec_ucsi nvme sha512_ssse3 video sha256_ssse3 nvme_core intel_vpu sha1_ssse3 rtsx_pci cec typec nvme_auth i2c_hid_acpi i2c_hid wmi pinctrl_meteorlake serio_raw ip6_tables ip_tables fuse
CPU: 7 UID: 0 PID: 713 Comm: (udev-worker) Not tainted 6.12.0-rc2iounmap+ #42
Hardware name: LENOVO 21KWCTO1WW/21KWCTO1WW, BIOS N48ET19W (1.06 ) 07/18/2024
RIP: 0010:iounmap+0x58/0x1f0
Code: 85 6a 01 00 00 48 8b 05 e6 e2 28 04 48 39 c5 72 19 eb 26 cc cc cc 48 ba 00 00 00 00 00 00 32 00 48 8d 44 02 ff 48 39 c5 72 23 <0f> 0b 48 83 c4 08 5b 5d 41 5c c3 cc cc cc cc 48 ba 00 00 00 00 00
RSP: 0018:ffff888131eff038 EFLAGS: 00010207
RAX: ffffc90000000000 RBX: 0000000000000000 RCX: ffff888e33b80000
RDX: dffffc0000000000 RSI: ffff888e33bc29c0 RDI: 0000000000000000
RBP: 0000000000000000 R08: ffff8881598a8000 R09: ffff888e2ccedc10
R10: 0000000000000003 R11: ffffffffb3367634 R12: 00000000fe000000
R13: ffff888101d0da28 R14: ffffffffc2e437e0 R15: ffff888110b03b28
FS: 00007f3c1d4b3980(0000) GS:ffff888e33b80000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005651cfc93578 CR3: 0000000124e4c002 CR4: 0000000000f70ef0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff07f0 DR7: 0000000000000400
PKRU: 55555554
Call Trace:
 <TASK>
 ? __warn.cold+0xb6/0x176
 ? iounmap+0x58/0x1f0
 ? report_bug+0x1f4/0x2b0
 ? handle_bug+0x58/0x90
 ? exc_invalid_op+0x17/0x40
 ? asm_exc_invalid_op+0x1a/0x20
 ? iounmap+0x58/0x1f0
 pmc_core_ssram_get_pmc+0x477/0x6c0 [intel_pmc_core]
 ? __pfx_pmc_core_ssram_get_pmc+0x10/0x10 [intel_pmc_core]
 ? __pfx_do_pci_enable_device+0x10/0x10
 ? pci_wait_for_pending+0x60/0x110
 ? pci_enable_device_flags+0x1e3/0x2e0
 ? __pfx_mtl_core_init+0x10/0x10 [intel_pmc_core]
 pmc_core_ssram_init+0x7f/0x110 [intel_pmc_core]
 mtl_core_init+0xda/0x130 [intel_pmc_core]
 ? __mutex_init+0xb9/0x130
 pmc_core_probe+0x27e/0x10b0 [intel_pmc_core]
 ? _raw_spin_lock_irqsave+0x96/0xf0
 ? __pfx_pmc_core_probe+0x10/0x10 [intel_pmc_core]
 ? __pfx_mutex_unlock+0x10/0x10
 ? __pfx_mutex_lock+0x10/0x10
 ? device_pm_check_callbacks+0x82/0x370
 ? acpi_dev_pm_attach+0x234/0x2b0
 platform_probe+0x9f/0x150
 really_probe+0x1e0/0x8a0
 __driver_probe_device+0x18c/0x370
 ? __pfx___driver_attach+0x10/0x10
 driver_probe_device+0x4a/0x120
 __driver_attach+0x190/0x4a0
 ? __pfx___driver_attach+0x10/0x10
 bus_for_each_dev+0x103/0x180
 ? __pfx_bus_for_each_dev+0x10/0x10
 ? klist_add_tail+0x136/0x270
 bus_add_driver+0x2fc/0x540
 driver_register+0x1a5/0x360
 ? __pfx_pmc_core_driver_init+0x10/0x10 [intel_pmc_core]
 do_one_initcall+0xa4/0x380
 ? __pfx_do_one_initcall+0x10/0x10
 ? kasan_unpoison+0x44/0x70
 do_init_module+0x296/0x800
 load_module+0x5090/0x6ce0
 ? __pfx_load_module+0x10/0x10
 ? ima_post_read_file+0x193/0x200
 ? __pfx_ima_post_read_file+0x10/0x10
 ? rw_verify_area+0x152/0x4c0
 ? kernel_read_file+0x257/0x750
 ? __pfx_kernel_read_file+0x10/0x10
 ? __pfx_filemap_get_read_batch+0x10/0x10
 ? init_module_from_file+0xd1/0x130
 init_module_from_file+0xd1/0x130
 ? __pfx_init_module_from_file+0x10/0 ---truncated---

AI-Powered Analysis

Last updated: 06/28/2025, 17:24:50 UTC

Technical Analysis

CVE-2024-50107 addresses a vulnerability in the Linux kernel related to the Intel PMC (Performance Monitoring Controller) core driver, specifically within the platform/x86/intel/pmc subsystem. The issue arises from improper handling of address ranges in the iounmap() function, which is responsible for unmapping I/O memory regions previously mapped into the kernel's address space. The vulnerability was identified when a kernel warning (WARN) was introduced in commit 50c6dbdfd16e, which improved address range checks in iounmap(). On affected hardware, such as the Lenovo ThinkPad P1 Gen 7 with Meteor Lake-P processors, invalid address ranges passed to iounmap() triggered kernel warnings, indicating potential mishandling of memory unmapping. The root cause is that pmc_core_iounmap did not properly call iounmap for valid addresses, leading to invalid memory operations. This can cause kernel warnings and potentially unstable behavior or crashes if the kernel attempts to unmap invalid or already unmapped memory regions. The stack trace shows involvement of the intel_pmc_core module and related PCI device initialization routines, suggesting the vulnerability may be triggered during device probing or power management operations. Although no direct exploit has been reported in the wild, the improper memory unmapping could be leveraged by a local attacker or malicious kernel module to cause denial of service (kernel panic) or potentially escalate privileges by corrupting kernel memory mappings. The vulnerability affects Linux kernel versions prior to the fix introduced in the 6.12.0-rc2 release cycle. The issue is specific to x86 platforms with Intel PMC core drivers, particularly on newer hardware platforms like Meteor Lake-P. No CVSS score is assigned yet, and no known exploits have been reported.

Potential Impact

For European organizations, this vulnerability poses a risk primarily to servers, workstations, and embedded systems running affected Linux kernel versions on Intel x86 hardware, especially newer Intel platforms such as Meteor Lake-P. The impact includes potential system instability, kernel panics, or denial of service caused by improper memory unmapping during device initialization or power management. In environments where uptime and reliability are critical—such as financial institutions, healthcare providers, telecommunications, and industrial control systems—such disruptions could lead to operational downtime and service interruptions. Although exploitation requires local access or the ability to load kernel modules, attackers with such privileges could leverage this flaw to destabilize systems or attempt privilege escalation. Given the widespread use of Linux in enterprise and cloud environments across Europe, the vulnerability could affect data centers and cloud service providers, impacting availability of hosted services. However, the lack of known remote exploitability and requirement for local code execution limits the risk to insider threats or attackers who have already compromised a system. The vulnerability also highlights the importance of hardware-specific kernel driver security, as newer Intel platforms are increasingly deployed in European corporate and government infrastructures.

Mitigation Recommendations

European organizations should prioritize updating Linux kernels to versions including the fix for CVE-2024-50107, such as 6.12.0-rc2 or later stable releases containing the patch. Kernel updates should be tested in staging environments to ensure compatibility with existing hardware and drivers, particularly on systems with Intel Meteor Lake-P or similar platforms. For environments where immediate kernel upgrades are not feasible, organizations should restrict local access to trusted users only and enforce strict controls on kernel module loading, using mechanisms like module signing and secure boot to prevent unauthorized kernel code execution. Monitoring kernel logs for WARN messages related to iounmap() can help detect attempts to trigger the vulnerability. Additionally, organizations should review and harden device driver configurations and power management settings to minimize exposure. Security teams should maintain awareness of further advisories or exploit developments related to this vulnerability. For critical systems, consider deploying kernel live patching solutions that can apply fixes without full reboots, reducing downtime. Finally, implement comprehensive endpoint protection and intrusion detection to identify and respond to potential insider threats or privilege escalation attempts exploiting this flaw.
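The log monitoring suggested above can be narrowed to this specific warning. The following is an added example, not code from the advisory or the kernel project: it scans kernel log text for a WARNING raised in iounmap(), records the first reliable caller frame and its module, and reads RDI from the register dump. The function names and the sample log are constructed for illustration, and treating RDI as the pointer passed to iounmap() is an assumption that holds only if the register was not overwritten before the WARN.

```python
import re

# Constructed sample shaped like the quoted warning, plus an unrelated constructed WARNING.
SAMPLE_LOG = """\
[    4.100000] WARNING: CPU: 7 PID: 713 at arch/x86/mm/ioremap.c:461 iounmap+0x58/0x1f0
[    4.100001] RIP: 0010:iounmap+0x58/0x1f0
[    4.100002] RDX: dffffc0000000000 RSI: ffff888e33bc29c0 RDI: 0000000000000000
[    4.100003] Call Trace:
[    4.100004]  ? __warn.cold+0xb6/0x176
[    4.100005]  ? iounmap+0x58/0x1f0
[    4.100006]  pmc_core_ssram_get_pmc+0x477/0x6c0 [intel_pmc_core]
[    4.100007]  pmc_core_ssram_init+0x7f/0x110 [intel_pmc_core]
[    9.000000] WARNING: CPU: 1 PID: 42 at example/other.c:10 other_func+0x10/0x20
[    9.000001]  other_caller+0x5/0x40 [example_mod]
"""

TS_RE = re.compile(r"^\[\s*\d+\.\d+\] ?")  # dmesg-style timestamp prefix
WARN_RE = re.compile(r"WARNING: CPU: \d+ PID: (\d+) at (\S+?):\d+ (\w+)\+0x")
RDI_RE = re.compile(r"\bRDI: ([0-9a-f]{16})\b")
FRAME_RE = re.compile(r"^\s*(\? )?([\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+(?: \[(\w+)\])?")

def find_iounmap_warnings(text):
    """Return one record per WARNING whose faulting function is iounmap()."""
    hits, cur = [], None
    for raw in text.splitlines():
        line = TS_RE.sub("", raw)
        warn = WARN_RE.search(line)
        if warn:
            cur = None  # a new WARNING ends the previous record
            if warn.group(3) == "iounmap":
                cur = {"pid": int(warn.group(1)), "file": warn.group(2),
                       "rdi": None, "caller": None, "module": None}
                hits.append(cur)
            continue
        if cur is None:
            continue
        rdi = RDI_RE.search(line)
        frame = FRAME_RE.match(line)
        if rdi:
            # RDI is the first-argument register on x86-64; a triage hint only.
            cur["rdi"] = int(rdi.group(1), 16)
        elif frame and not frame.group(1) and cur["caller"] is None:
            # Frames prefixed with "?" are unreliable; take the first reliable one.
            cur["caller"], cur["module"] = frame.group(2), frame.group(3)
    return hits

def is_pmc_core_case(hit):
    """True when the record matches the pattern described for CVE-2024-50107."""
    return hit["file"] == "arch/x86/mm/ioremap.c" and hit["module"] == "intel_pmc_core"
```

Pass it the text of `dmesg` or `journalctl -k`; the match is on source file and module rather than the line number, which can differ between kernel builds.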


Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2024-10-21T19:36:19.947Z
CISA Enriched: false
CVSS Version: null
State: PUBLISHED

Threat ID: 682d9825c4522896dcbdff79

Added to database: 5/21/2025, 9:08:53 AM

Last enriched: 6/28/2025, 5:24:50 PM

Last updated: 8/7/2025, 4:31:22 PM
