CVE-2024-53067: Vulnerability in the Linux kernel
Description
In the Linux kernel, the following vulnerability has been resolved:

scsi: ufs: core: Start the RTC update work later

The RTC update work involves runtime resuming the UFS controller. Hence, only start the RTC update work after runtime power management in the UFS driver has been fully initialized. This patch fixes the following kernel crash:

Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP
Workqueue: events ufshcd_rtc_work
Call trace:
 _raw_spin_lock_irqsave+0x34/0x8c (P)
 pm_runtime_get_if_active+0x24/0x9c (L)
 pm_runtime_get_if_active+0x24/0x9c
 ufshcd_rtc_work+0x138/0x1b4
 process_one_work+0x148/0x288
 worker_thread+0x2cc/0x3d4
 kthread+0x110/0x114
 ret_from_fork+0x10/0x20
AI Analysis
Technical Summary
CVE-2024-53067 is a flaw in the Linux kernel's UFS (Universal Flash Storage) host controller driver (scsi: ufs: core). The driver started its RTC (Real-Time Clock) update work too early: that work runtime-resumes the UFS controller, but it was scheduled before runtime power management for the UFS driver had been fully initialized. When the work ran, the kernel crashed with an Oops; the call trace shows the ufshcd_rtc_work workqueue item calling pm_runtime_get_if_active, with the crash occurring in _raw_spin_lock_irqsave while taking the runtime PM spinlock. The root cause is improper sequencing (a race between the RTC update work and the runtime power management initialization of the UFS controller). The fix defers starting the RTC update work until runtime power management is fully initialized, so the work can no longer run against uninitialized state. The affected kernel versions are identified by specific commit hashes, so the flaw is present in certain recent or development kernels. No exploits in the wild were known at publication, and no CVSS score had been assigned. The impact is on stability and availability rather than on confidentiality or integrity: systems with UFS storage running an affected kernel can crash unexpectedly, which amounts to a denial of service.
Potential Impact
For European organizations, the impact of CVE-2024-53067 centers on system reliability and availability. Linux is widely used across European enterprises, government agencies, and critical infrastructure, often powering servers, embedded devices, and network equipment. Organizations utilizing devices or systems with UFS storage and running affected Linux kernel versions may experience kernel panics leading to system downtime. This can disrupt business operations, especially in sectors relying on high availability such as finance, telecommunications, healthcare, and manufacturing. Although the vulnerability does not directly expose data or allow privilege escalation, the denial of service caused by kernel crashes can have cascading effects, including loss of productivity, interruption of critical services, and increased operational costs. Additionally, embedded systems and IoT devices using Linux with UFS storage in industrial or smart city deployments across Europe could be affected, potentially impacting operational technology environments. The absence of known exploits reduces immediate risk, but the vulnerability should be addressed promptly to prevent exploitation attempts or accidental crashes in production environments.
Mitigation Recommendations
To mitigate CVE-2024-53067, European organizations should:
1) Identify and inventory all Linux systems using UFS storage, particularly those running kernel versions corresponding to the affected commit hashes.
2) Apply the official Linux kernel patch that defers the RTC update work start until after runtime power management initialization is complete. This patch is critical to prevent kernel crashes.
3) For distributions that have backported fixes, ensure that all relevant kernel updates are applied promptly through standard update mechanisms.
4) In environments where immediate patching is not feasible, consider disabling or limiting the use of UFS storage or the RTC update work functionality if possible, as a temporary workaround.
5) Monitor system logs for kernel oops or crashes related to ufshcd_rtc_work or runtime power management to detect potential exploitation or instability.
6) Engage with hardware and OS vendors to confirm patch availability and deployment timelines.
7) Incorporate this vulnerability into vulnerability management and incident response plans to ensure rapid remediation and detection of related issues.
8) Test patches in staging environments to verify stability before production deployment, especially in critical infrastructure systems.
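Step 5 above asks for log monitoring. The following is an added example, not code from the advisory or the kernel project: it splits a dmesg-style log into Oops records and flags those whose call trace matches the signature quoted in the description (ufshcd_rtc_work reaching pm_runtime_get_if_active). The sample log, the regexes PREFIX and FRAME, and the functions parse_oops and matches_cve_2024_53067 are all constructed here.

```python
import re

# Constructed dmesg-style sample (timestamps made up): the CVE's Oops trace, then an unrelated crash.
SAMPLE_LOG = """\
[    1.231872] Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP
[    1.231880] Workqueue: events ufshcd_rtc_work
[    1.231901] Call trace:
[    1.231903]  _raw_spin_lock_irqsave+0x34/0x8c (P)
[    1.231909]  pm_runtime_get_if_active+0x24/0x9c (L)
[    1.231912]  pm_runtime_get_if_active+0x24/0x9c
[    1.231915]  ufshcd_rtc_work+0x138/0x1b4
[    1.231918]  process_one_work+0x148/0x288
[    1.231921]  worker_thread+0x2cc/0x3d4
[    1.231924]  kthread+0x110/0x114
[    1.231927]  ret_from_fork+0x10/0x20
[    1.231940] ---[ end trace 0000000000000000 ]---
[    9.000001] Internal error: Oops: 0000000096000004 [#2] PREEMPT SMP
[    9.000002] Workqueue: events some_other_work
[    9.000003] Call trace:
[    9.000004]  some_other_work+0x10/0x40
"""
PREFIX = re.compile(r"^\[\s*[\d.]+\]\s?")  # dmesg timestamp prefix
FRAME = re.compile(r"^\s+([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")  # one trace frame

def parse_oops(log):
    # Split a kernel log into Oops records: header line, workqueue and trace symbols.
    records, cur, in_trace = [], None, False
    for raw in log.splitlines():
        line = PREFIX.sub("", raw, count=1)
        if line.startswith("Internal error: Oops"):
            cur, in_trace = {"header": line, "workqueue": None, "frames": []}, False
            records.append(cur)
        elif cur is None:
            continue  # noise before the first Oops
        elif line.startswith("Workqueue:"):
            cur["workqueue"] = line.split()[-1]  # last token is the work function
        elif line.startswith("Call trace:"):
            in_trace = True
        elif in_trace:
            m = FRAME.match(line)
            if m:
                cur["frames"].append(m.group(1))
            else:
                in_trace = False  # first non-frame line ends the trace
    return records

def matches_cve_2024_53067(rec):
    # Signature from the advisory: ufshcd_rtc_work crashing inside runtime PM.
    in_rtc_work = rec["workqueue"] == "ufshcd_rtc_work" or "ufshcd_rtc_work" in rec["frames"]
    return in_rtc_work and "pm_runtime_get_if_active" in rec["frames"]
```

Feed it the output of `dmesg` or `journalctl -k` instead of SAMPLE_LOG; a hit is evidence of the crash described here, not of exploitation.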
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Italy, Spain, Poland, Belgium
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-11-19T17:17:24.975Z
- Cisa Enriched: false
- Cvss Version: null
- State: PUBLISHED
Threat ID: 682d9824c4522896dcbdf8c0
Added to database: 5/21/2025, 9:08:52 AM
Last enriched: 6/28/2025, 2:27:21 PM
Last updated: 8/1/2025, 9:58:54 AM
Views: 10