CVE-2024-42301 in Linux

Summary

by MITRE • 08/17/2024

In the Linux kernel, the following vulnerability has been resolved:

dev/parport: fix the array out-of-bounds risk

Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed.

Below is the stack trace I encountered during the actual issue:

[ 66.575408s] [pid:5118,cpu4,QThread,4]Kernel panic - not syncing: stack-protector:
Kernel stack is corrupted in: do_hardware_base_addr+0xcc/0xd0 [parport]
[ 66.575408s] [pid:5118,cpu4,QThread,5]CPU: 4 PID: 5118 Comm:
QThread Tainted: G S W O 5.10.97-arm64-desktop #7100.57021.2
[ 66.575439s] [pid:5118,cpu4,QThread,6]TGID: 5087 Comm: EFileApp
[ 66.575439s] [pid:5118,cpu4,QThread,7]Hardware name: HUAWEI HUAWEI QingYun
PGUX-W515x-B081/SP1PANGUXM, BIOS 1.00.07 04/29/2024
[ 66.575439s] [pid:5118,cpu4,QThread,8]Call trace:
[ 66.575469s] [pid:5118,cpu4,QThread,9] dump_backtrace+0x0/0x1c0
[ 66.575469s] [pid:5118,cpu4,QThread,0] show_stack+0x14/0x20
[ 66.575469s] [pid:5118,cpu4,QThread,1] dump_stack+0xd4/0x10c
[ 66.575500s] [pid:5118,cpu4,QThread,2] panic+0x1d8/0x3bc
[ 66.575500s] [pid:5118,cpu4,QThread,3] __stack_chk_fail+0x2c/0x38
[ 66.575500s] [pid:5118,cpu4,QThread,4] do_hardware_base_addr+0xcc/0xd0 [parport]


Analysis

by VulDB Data Team • 02/01/2026

CVE-2024-42301 is a critical array out-of-bounds condition in the Linux kernel's parport subsystem, the device driver responsible for parallel port communication. The flaw lies in string formatting done with sprintf, which performs no bounds checking: a formatted result longer than its destination buffer overwrites adjacent kernel memory and can corrupt kernel memory structures, leading to memory corruption and system instability. The vulnerability was observed in the do_hardware_base_addr function of the parport module, where the stack protector detected the corruption during kernel execution.

The root cause is the use of an unbounded string formatting function in kernel space. sprintf takes no destination size, so when the formatted output exceeds the destination array it writes past the array's end and overwrites adjacent memory, which on the stack can include critical kernel metadata and the stack canary. The stack protector exists to detect exactly this kind of corruption, and it triggered the kernel panic when it found the kernel stack compromised during execution of do_hardware_base_addr. That function handles hardware base address operations for parallel port devices, so it lies on a path exercised whenever legacy parallel port hardware is in use, making it critical for system stability on such systems.

The operational impact goes beyond a simple crash: in scenarios where malicious actors can influence the parameters passed to the affected function, the overflow could potentially enable privilege escalation and system compromise. The kernel panic shows that the vulnerability can terminate the whole system, requiring manual intervention and risking data loss or service disruption. The stack trace was captured on an ARM64 system, so the vulnerability affects ARM-based embedded systems and desktop environments alike, particularly those using parallel port hardware. The Tainted flag in the kernel log indicates that the system was running with modules or configurations that could have contributed to the vulnerability's exploitation potential.

Mitigation for CVE-2024-42301 is an immediate kernel update that replaces the sprintf calls with snprintf so that a buffer size limit is enforced. This remediation directly addresses CWE-121, stack-based buffer overflow: snprintf bounds the write to the destination and prevents data from overflowing into adjacent memory. Organizations should also consider runtime protections such as stack canary monitoring and kernel address space layout randomization to further reduce the exploitation surface. System administrators should prioritize patching affected systems and monitor for signs of exploitation attempts, particularly in environments where legacy parallel port hardware remains in use. The ATT&CK framework categorizes this vulnerability under T1068, exploitation for local privilege escalation, emphasizing the need for comprehensive hardening measures beyond patching alone.
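The sprintf-to-snprintf fix described in the summary and in the mitigation paragraph above, as an added example that is not the parport driver's code: it measures how many bytes a two-address line needs, shows why a small fixed-size stack buffer is overrun once 64-bit values are printed in decimal, and wraps snprintf so that truncation is detected instead of silently corrupting the stack. The buffer size ADDR_BUF_LEN, the format string and all function names are assumptions made for the example; the page does not state the driver's actual buffer size or format.

```c
#include <stdio.h>

/* Size of the fixed stack buffer used in this example.  The page does not
 * state the driver's buffer size, so this value is an assumption, chosen so
 * that two 64-bit addresses printed in decimal cannot fit. */
#define ADDR_BUF_LEN 20

/* Bytes (excluding the terminating NUL) that "%lu\t%lu\n" produces for the
 * given values.  snprintf with a NULL, zero-length buffer writes nothing and
 * returns the length the full string would have had. */
size_t base_addr_needed(unsigned long base, unsigned long base_hi)
{
    int n = snprintf(NULL, 0, "%lu\t%lu\n", base, base_hi);
    return n < 0 ? 0 : (size_t)n;
}

/* 1 if an unbounded sprintf into a buf_len-byte buffer would write past its
 * end for these values (the condition the stack protector caught), else 0. */
int base_addr_would_overflow(unsigned long base, unsigned long base_hi,
                             size_t buf_len)
{
    return base_addr_needed(base, base_hi) + 1 > buf_len ? 1 : 0;  /* +1: NUL */
}

/* Bounded formatter: stores at most buf_len bytes including the NUL and
 * reports truncation.  Returns the number of characters actually stored.
 * snprintf itself returns the would-be length, not the stored length, so a
 * caller must not add its raw return value to a running offset. */
size_t format_base_addr(char *buf, size_t buf_len, unsigned long base,
                        unsigned long base_hi, int *truncated)
{
    int n = snprintf(buf, buf_len, "%lu\t%lu\n", base, base_hi);

    if (n < 0) {                    /* encoding error: leave an empty string */
        if (buf_len)
            buf[0] = '\0';
        *truncated = 1;
        return 0;
    }
    if ((size_t)n >= buf_len) {     /* did not fit; buf is still NUL-terminated */
        *truncated = 1;
        return buf_len ? buf_len - 1 : 0;
    }
    *truncated = 0;
    return (size_t)n;
}

/* Formats into an ADDR_BUF_LEN stack buffer, as a driver would, and returns
 * 1 if the whole string was stored or 0 if it had to be truncated. */
int base_addr_fits_stack_buf(unsigned long base, unsigned long base_hi)
{
    char buf[ADDR_BUF_LEN];
    int truncated;

    format_base_addr(buf, sizeof buf, base, base_hi, &truncated);
    return truncated ? 0 : 1;
}

int main(void)
{
    char buf[ADDR_BUF_LEN];
    int truncated;
    unsigned long big = ~0UL;       /* largest value %lu can print */

    /* Classic ISA parallel port addresses (constructed sample) fit easily. */
    format_base_addr(buf, sizeof buf, 0x378UL, 0x778UL, &truncated);
    printf("small values: %s", buf);

    /* Two maximal values need far more than the buffer holds. */
    printf("worst case needs %zu bytes, buffer has %d, sprintf would overflow: %d\n",
           base_addr_needed(big, big) + 1, ADDR_BUF_LEN,
           base_addr_would_overflow(big, big, sizeof buf));
    format_base_addr(buf, sizeof buf, big, big, &truncated);
    printf("snprintf result: \"%s\" truncated=%d\n", buf, truncated);
    return 0;
}
```

Two practical checks follow from this. First, size the buffer for the worst case the format can produce (two 20-digit values plus separators and NUL here), not for the values seen on a test machine; the arm64 crash in the trace is consistent with values far larger than the classic ISA addresses the buffer was presumably sized for. Second, snprintf reports the would-be length on truncation, so code that accumulates `len += snprintf(...)` still over-reports; the kernel provides scnprintf, which returns the bytes actually written, for that pattern.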

Responsible

Linux

Reservation

07/30/2024

Disclosure

08/17/2024

Moderation

accepted

CPE

ready

EPSS

0.00234

KEV

no

Activities

very low
