CVE-2024-50150: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmode should keep reference to parent The altmode device release refers to its parent device, but without keeping a reference to it. When registering the altmode, get a reference to the parent and put it in the release function. Before this fix, when using CONFIG_DEBUG_KOBJECT_RELEASE, we see issues like this: [ 43.572860] kobject: 'port0.0' (ffff8880057ba008): kobject_release, parent 0000000000000000 (delayed 3000) [ 43.573532] kobject: 'port0.1' (ffff8880057bd008): kobject_release, parent 0000000000000000 (delayed 1000) [ 43.574407] kobject: 'port0' (ffff8880057b9008): kobject_release, parent 0000000000000000 (delayed 3000) [ 43.575059] kobject: 'port1.0' (ffff8880057ca008): kobject_release, parent 0000000000000000 (delayed 4000) [ 43.575908] kobject: 'port1.1' (ffff8880057c9008): kobject_release, parent 0000000000000000 (delayed 4000) [ 43.576908] kobject: 'typec' (ffff8880062dbc00): kobject_release, parent 0000000000000000 (delayed 4000) [ 43.577769] kobject: 'port1' (ffff8880057bf008): kobject_release, parent 0000000000000000 (delayed 3000) [ 46.612867] ================================================================== [ 46.613402] BUG: KASAN: slab-use-after-free in typec_altmode_release+0x38/0x129 [ 46.614003] Read of size 8 at addr ffff8880057b9118 by task kworker/2:1/48 [ 46.614538] [ 46.614668] CPU: 2 UID: 0 PID: 48 Comm: kworker/2:1 Not tainted 6.12.0-rc1-00138-gedbae730ad31 #535 [ 46.615391] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014 [ 46.616042] Workqueue: events kobject_delayed_cleanup [ 46.616446] Call Trace: [ 46.616648] <TASK> [ 46.616820] dump_stack_lvl+0x5b/0x7c [ 46.617112] ? typec_altmode_release+0x38/0x129 [ 46.617470] print_report+0x14c/0x49e [ 46.617769] ? rcu_read_unlock_sched+0x56/0x69 [ 46.618117] ? __virt_addr_valid+0x19a/0x1ab [ 46.618456] ? kmem_cache_debug_flags+0xc/0x1d [ 46.618807] ? typec_altmode_release+0x38/0x129 [ 46.619161] kasan_report+0x8d/0xb4 [ 46.619447] ? typec_altmode_release+0x38/0x129 [ 46.619809] ? process_scheduled_works+0x3cb/0x85f [ 46.620185] typec_altmode_release+0x38/0x129 [ 46.620537] ? process_scheduled_works+0x3cb/0x85f [ 46.620907] device_release+0xaf/0xf2 [ 46.621206] kobject_delayed_cleanup+0x13b/0x17a [ 46.621584] process_scheduled_works+0x4f6/0x85f [ 46.621955] ? __pfx_process_scheduled_works+0x10/0x10 [ 46.622353] ? hlock_class+0x31/0x9a [ 46.622647] ? lock_acquired+0x361/0x3c3 [ 46.622956] ? move_linked_works+0x46/0x7d [ 46.623277] worker_thread+0x1ce/0x291 [ 46.623582] ? __kthread_parkme+0xc8/0xdf [ 46.623900] ? __pfx_worker_thread+0x10/0x10 [ 46.624236] kthread+0x17e/0x190 [ 46.624501] ? kthread+0xfb/0x190 [ 46.624756] ? __pfx_kthread+0x10/0x10 [ 46.625015] ret_from_fork+0x20/0x40 [ 46.625268] ? __pfx_kthread+0x10/0x10 [ 46.625532] ret_from_fork_asm+0x1a/0x30 [ 46.625805] </TASK> [ 46.625953] [ 46.626056] Allocated by task 678: [ 46.626287] kasan_save_stack+0x24/0x44 [ 46.626555] kasan_save_track+0x14/0x2d [ 46.626811] __kasan_kmalloc+0x3f/0x4d [ 46.627049] __kmalloc_noprof+0x1bf/0x1f0 [ 46.627362] typec_register_port+0x23/0x491 [ 46.627698] cros_typec_probe+0x634/0xbb6 [ 46.628026] platform_probe+0x47/0x8c [ 46.628311] really_probe+0x20a/0x47d [ 46.628605] device_driver_attach+0x39/0x72 [ 46.628940] bind_store+0x87/0xd7 [ 46.629213] kernfs_fop_write_iter+0x1aa/0x218 [ 46.629574] vfs_write+0x1d6/0x29b [ 46.629856] ksys_write+0xcd/0x13b [ 46.630128] do_syscall_64+0xd4/0x139 [ 46.630420] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 46.630820] [ 46.630946] Freed by task 48: [ 46.631182] kasan_save_stack+0x24/0x44 [ 46.631493] kasan_save_track+0x14/0x2d [ 46.631799] kasan_save_free_info+0x3f/0x4d [ 46.632144] __kasan_slab_free+0x37/0x45 [ 46.632474] ---truncated---
AI Analysis
Technical Summary
CVE-2024-50150 is a high-severity vulnerability in the Linux kernel related to the USB Type-C (typec) alternate mode (altmode) subsystem. The vulnerability arises because the altmode device release function does not maintain a proper reference count to its parent device. Specifically, when the altmode device is registered, it should increment the reference count of its parent device to prevent premature deallocation. However, prior to the fix, this reference was not kept, leading to a use-after-free condition. This flaw was detected under the CONFIG_DEBUG_KOBJECT_RELEASE kernel configuration, which revealed that the parent pointers of certain kobjects (kernel objects) became NULL prematurely, causing delayed cleanup issues and ultimately a kernel slab use-after-free error. The kernel Address Sanitizer (KASAN) detected this bug during the release of altmode objects, with detailed kernel stack traces showing the use-after-free occurring in the typec_altmode_release function. The root cause is a missing get_reference call on the parent device during altmode registration, which was corrected by adding this reference increment and a corresponding decrement in the release function. The vulnerability is classified under CWE-416 (Use After Free), and it affects Linux kernel versions identified by the commit hash 8a37d87d72f0c69f837229c04d2fcd7117ea57e7. The CVSS 3.1 score is 7.8 (high), reflecting the vulnerability’s potential to impact confidentiality, integrity, and availability with low attack complexity but requiring privileges (local access with low privileges) and no user interaction. Exploitation could lead to kernel crashes, denial of service, or potentially privilege escalation if an attacker can manipulate USB Type-C altmode devices or drivers. No known exploits are currently reported in the wild. The vulnerability affects systems using the Linux kernel with USB Type-C support, which is common in many modern Linux distributions and devices.
Potential Impact
For European organizations, the impact of CVE-2024-50150 can be significant, especially those relying on Linux-based infrastructure and devices with USB Type-C ports. The vulnerability can cause kernel crashes and system instability, leading to denial of service conditions. In environments where Linux is used for critical infrastructure, servers, or embedded systems, this could disrupt operations. Furthermore, the potential for privilege escalation could allow attackers to gain elevated access, threatening confidentiality and integrity of sensitive data. Industries such as telecommunications, manufacturing, finance, and government agencies in Europe that deploy Linux servers or endpoint devices with USB Type-C hardware are at risk. The vulnerability’s requirement for local privileges means that attackers would need some level of access to the system, which could be achieved through other means such as phishing or insider threats. The widespread use of Linux in European data centers, cloud environments, and IoT devices increases the attack surface. Additionally, the vulnerability could affect Linux-based virtual machines and containers running on European cloud providers, impacting service availability and security.
Mitigation Recommendations
European organizations should prioritize patching Linux kernels to versions that include the fix for CVE-2024-50150. Since the vulnerability is in the kernel USB Type-C altmode subsystem, updating to the latest stable kernel releases or vendor-provided patches is critical. Organizations should: 1) Audit their Linux systems to identify those running affected kernel versions with USB Type-C support enabled. 2) Apply kernel updates from trusted sources promptly, ensuring that the fix which adds proper reference counting to the altmode parent device is included. 3) For systems where immediate patching is not feasible, consider disabling USB Type-C support or restricting physical access to USB ports to reduce attack vectors. 4) Employ kernel hardening techniques such as enabling KASAN or other runtime memory error detection tools in testing environments to detect similar issues proactively. 5) Monitor system logs for kernel warnings or crashes related to USB devices, which may indicate exploitation attempts. 6) Implement strict access controls and endpoint security to prevent unauthorized local access, as exploitation requires local privileges. 7) Coordinate with hardware vendors and Linux distribution maintainers to ensure timely updates and advisories are received. These steps go beyond generic advice by focusing on USB Type-C subsystem awareness, kernel version auditing, and physical port controls.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Poland, Italy, Spain, Belgium
CVE-2024-50150: Vulnerability in Linux Linux
Description
In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmode should keep reference to parent The altmode device release refers to its parent device, but without keeping a reference to it. When registering the altmode, get a reference to the parent and put it in the release function. Before this fix, when using CONFIG_DEBUG_KOBJECT_RELEASE, we see issues like this: [ 43.572860] kobject: 'port0.0' (ffff8880057ba008): kobject_release, parent 0000000000000000 (delayed 3000) [ 43.573532] kobject: 'port0.1' (ffff8880057bd008): kobject_release, parent 0000000000000000 (delayed 1000) [ 43.574407] kobject: 'port0' (ffff8880057b9008): kobject_release, parent 0000000000000000 (delayed 3000) [ 43.575059] kobject: 'port1.0' (ffff8880057ca008): kobject_release, parent 0000000000000000 (delayed 4000) [ 43.575908] kobject: 'port1.1' (ffff8880057c9008): kobject_release, parent 0000000000000000 (delayed 4000) [ 43.576908] kobject: 'typec' (ffff8880062dbc00): kobject_release, parent 0000000000000000 (delayed 4000) [ 43.577769] kobject: 'port1' (ffff8880057bf008): kobject_release, parent 0000000000000000 (delayed 3000) [ 46.612867] ================================================================== [ 46.613402] BUG: KASAN: slab-use-after-free in typec_altmode_release+0x38/0x129 [ 46.614003] Read of size 8 at addr ffff8880057b9118 by task kworker/2:1/48 [ 46.614538] [ 46.614668] CPU: 2 UID: 0 PID: 48 Comm: kworker/2:1 Not tainted 6.12.0-rc1-00138-gedbae730ad31 #535 [ 46.615391] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014 [ 46.616042] Workqueue: events kobject_delayed_cleanup [ 46.616446] Call Trace: [ 46.616648] <TASK> [ 46.616820] dump_stack_lvl+0x5b/0x7c [ 46.617112] ? typec_altmode_release+0x38/0x129 [ 46.617470] print_report+0x14c/0x49e [ 46.617769] ? rcu_read_unlock_sched+0x56/0x69 [ 46.618117] ? __virt_addr_valid+0x19a/0x1ab [ 46.618456] ? kmem_cache_debug_flags+0xc/0x1d [ 46.618807] ? typec_altmode_release+0x38/0x129 [ 46.619161] kasan_report+0x8d/0xb4 [ 46.619447] ? typec_altmode_release+0x38/0x129 [ 46.619809] ? process_scheduled_works+0x3cb/0x85f [ 46.620185] typec_altmode_release+0x38/0x129 [ 46.620537] ? process_scheduled_works+0x3cb/0x85f [ 46.620907] device_release+0xaf/0xf2 [ 46.621206] kobject_delayed_cleanup+0x13b/0x17a [ 46.621584] process_scheduled_works+0x4f6/0x85f [ 46.621955] ? __pfx_process_scheduled_works+0x10/0x10 [ 46.622353] ? hlock_class+0x31/0x9a [ 46.622647] ? lock_acquired+0x361/0x3c3 [ 46.622956] ? move_linked_works+0x46/0x7d [ 46.623277] worker_thread+0x1ce/0x291 [ 46.623582] ? __kthread_parkme+0xc8/0xdf [ 46.623900] ? __pfx_worker_thread+0x10/0x10 [ 46.624236] kthread+0x17e/0x190 [ 46.624501] ? kthread+0xfb/0x190 [ 46.624756] ? __pfx_kthread+0x10/0x10 [ 46.625015] ret_from_fork+0x20/0x40 [ 46.625268] ? __pfx_kthread+0x10/0x10 [ 46.625532] ret_from_fork_asm+0x1a/0x30 [ 46.625805] </TASK> [ 46.625953] [ 46.626056] Allocated by task 678: [ 46.626287] kasan_save_stack+0x24/0x44 [ 46.626555] kasan_save_track+0x14/0x2d [ 46.626811] __kasan_kmalloc+0x3f/0x4d [ 46.627049] __kmalloc_noprof+0x1bf/0x1f0 [ 46.627362] typec_register_port+0x23/0x491 [ 46.627698] cros_typec_probe+0x634/0xbb6 [ 46.628026] platform_probe+0x47/0x8c [ 46.628311] really_probe+0x20a/0x47d [ 46.628605] device_driver_attach+0x39/0x72 [ 46.628940] bind_store+0x87/0xd7 [ 46.629213] kernfs_fop_write_iter+0x1aa/0x218 [ 46.629574] vfs_write+0x1d6/0x29b [ 46.629856] ksys_write+0xcd/0x13b [ 46.630128] do_syscall_64+0xd4/0x139 [ 46.630420] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 46.630820] [ 46.630946] Freed by task 48: [ 46.631182] kasan_save_stack+0x24/0x44 [ 46.631493] kasan_save_track+0x14/0x2d [ 46.631799] kasan_save_free_info+0x3f/0x4d [ 46.632144] __kasan_slab_free+0x37/0x45 [ 46.632474] ---truncated---
AI-Powered Analysis
Technical Analysis
CVE-2024-50150 is a high-severity vulnerability in the Linux kernel related to the USB Type-C (typec) alternate mode (altmode) subsystem. The vulnerability arises because the altmode device release function does not maintain a proper reference count to its parent device. Specifically, when the altmode device is registered, it should increment the reference count of its parent device to prevent premature deallocation. However, prior to the fix, this reference was not kept, leading to a use-after-free condition. This flaw was detected under the CONFIG_DEBUG_KOBJECT_RELEASE kernel configuration, which revealed that the parent pointers of certain kobjects (kernel objects) became NULL prematurely, causing delayed cleanup issues and ultimately a kernel slab use-after-free error. The kernel Address Sanitizer (KASAN) detected this bug during the release of altmode objects, with detailed kernel stack traces showing the use-after-free occurring in the typec_altmode_release function. The root cause is a missing get_reference call on the parent device during altmode registration, which was corrected by adding this reference increment and a corresponding decrement in the release function. The vulnerability is classified under CWE-416 (Use After Free), and it affects Linux kernel versions identified by the commit hash 8a37d87d72f0c69f837229c04d2fcd7117ea57e7. The CVSS 3.1 score is 7.8 (high), reflecting the vulnerability’s potential to impact confidentiality, integrity, and availability with low attack complexity but requiring privileges (local access with low privileges) and no user interaction. Exploitation could lead to kernel crashes, denial of service, or potentially privilege escalation if an attacker can manipulate USB Type-C altmode devices or drivers. No known exploits are currently reported in the wild. The vulnerability affects systems using the Linux kernel with USB Type-C support, which is common in many modern Linux distributions and devices.
Potential Impact
For European organizations, the impact of CVE-2024-50150 can be significant, especially those relying on Linux-based infrastructure and devices with USB Type-C ports. The vulnerability can cause kernel crashes and system instability, leading to denial of service conditions. In environments where Linux is used for critical infrastructure, servers, or embedded systems, this could disrupt operations. Furthermore, the potential for privilege escalation could allow attackers to gain elevated access, threatening confidentiality and integrity of sensitive data. Industries such as telecommunications, manufacturing, finance, and government agencies in Europe that deploy Linux servers or endpoint devices with USB Type-C hardware are at risk. The vulnerability’s requirement for local privileges means that attackers would need some level of access to the system, which could be achieved through other means such as phishing or insider threats. The widespread use of Linux in European data centers, cloud environments, and IoT devices increases the attack surface. Additionally, the vulnerability could affect Linux-based virtual machines and containers running on European cloud providers, impacting service availability and security.
Mitigation Recommendations
European organizations should prioritize patching Linux kernels to versions that include the fix for CVE-2024-50150. Since the vulnerability is in the kernel USB Type-C altmode subsystem, updating to the latest stable kernel releases or vendor-provided patches is critical. Organizations should: 1) Audit their Linux systems to identify those running affected kernel versions with USB Type-C support enabled. 2) Apply kernel updates from trusted sources promptly, ensuring that the fix which adds proper reference counting to the altmode parent device is included. 3) For systems where immediate patching is not feasible, consider disabling USB Type-C support or restricting physical access to USB ports to reduce attack vectors. 4) Employ kernel hardening techniques such as enabling KASAN or other runtime memory error detection tools in testing environments to detect similar issues proactively. 5) Monitor system logs for kernel warnings or crashes related to USB devices, which may indicate exploitation attempts. 6) Implement strict access controls and endpoint security to prevent unauthorized local access, as exploitation requires local privileges. 7) Coordinate with hardware vendors and Linux distribution maintainers to ensure timely updates and advisories are received. These steps go beyond generic advice by focusing on USB Type-C subsystem awareness, kernel version auditing, and physical port controls.
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Linux
- Date Reserved
- 2024-10-21T19:36:19.959Z
- Cisa Enriched
- true
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 682d9825c4522896dcbe00f1
Added to database: 5/21/2025, 9:08:53 AM
Last enriched: 7/3/2025, 12:10:40 AM
Last updated: 8/12/2025, 8:48:08 AM
Views: 15
Related Threats
CVE-2025-22834: CWE-665 Improper Initialization in AMI AptioV
MediumCVE-2025-22830: CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in AMI AptioV
HighCVE-2025-43735: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Liferay Portal
MediumCVE-2025-40770: CWE-300: Channel Accessible by Non-Endpoint in Siemens SINEC Traffic Analyzer
HighCVE-2025-40769: CWE-1164: Irrelevant Code in Siemens SINEC Traffic Analyzer
HighActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.