CVE-2024-44995

MEDIUM EPSS 8.0%
Published Sep 4, 2024 (1y ago) · Modified Jun 17, 2026 (1w ago)
5.5 CVSS 3.1
Medium

Description

In the Linux kernel, the following vulnerability has been resolved:

net: hns3: fix a deadlock problem when config TC during resetting

Configuring TC during the reset process may cause a deadlock. The flow is as below:

                             pf reset start
                                 │
                                 ▼
                              ......
setup tc                         │
    │                            ▼
    ▼                      DOWN: napi_disable()
napi_disable()(skip)             │
    │                            │
    ▼                            ▼
  ......                      ......
    │                            │
    ▼                            │
napi_enable()                    │
                                 ▼
                           UINIT: netif_napi_del()
                                 │
                                 ▼
                              ......
                                 │
                                 ▼
                           INIT: netif_napi_add()
                                 │
                                 ▼
                              ......                 global reset start
                                 │                      │
                                 ▼                      ▼
                           UP: napi_enable()(skip)    ......
                                 │                      │
                                 ▼                      ▼
                              ......                 napi_disable()

In the reset process, the driver will DOWN the port and then UINIT. In this case, the setup tc process will UP the port before UINIT, which causes the problem. Add a DOWN process in UINIT to fix it.
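The flow above, replayed as a small user-space C model. This is an added illustration, not the hns3 driver's code. The struct, the function names and the `hung` flag are assumptions standing in for the driver's DOWN state and for napi_disable() never returning on a NAPI instance that was added but not enabled.

```c
#include <stdbool.h>
#include <stdio.h>
/* Simplified model (assumed names): one port with one NAPI instance. */
struct port {
    bool state_down;    /* driver flag that makes DOWN/UP skip when already set/cleared */
    bool napi_enabled;  /* false right after netif_napi_add() */
    bool hung;          /* set where the real napi_disable() would never return */
};

/* DOWN: skipped if the port is already marked down, else napi_disable(). */
static void port_down(struct port *p) {
    if (p->state_down)
        return;                 /* "(skip)" in the flow */
    p->state_down = true;
    if (!p->napi_enabled)
        p->hung = true;         /* napi_disable() on a NAPI that was never enabled */
    p->napi_enabled = false;
}

/* UP: skipped if the port is not marked down, else napi_enable(). */
static void port_up(struct port *p) {
    if (!p->state_down)
        return;                 /* "(skip)" in the flow */
    p->napi_enabled = true;
    p->state_down = false;
}

/* UINIT + INIT: delete and re-add the NAPI instance; the fix adds a DOWN first. */
static void port_reinit(struct port *p, bool with_fix) {
    if (with_fix)
        port_down(p);
    p->napi_enabled = false;    /* netif_napi_del() then netif_napi_add() */
}

/* Replays the flow from the description; returns true if it ends in the hang. */
bool replay_flow(bool with_fix) {
    struct port p = { .state_down = false, .napi_enabled = true, .hung = false };
    port_down(&p);              /* pf reset: DOWN */
    port_down(&p);              /* setup tc: napi_disable() skipped */
    port_up(&p);                /* setup tc: napi_enable() clears the DOWN flag */
    port_reinit(&p, with_fix);  /* pf reset: UINIT, INIT */
    port_up(&p);                /* pf reset: UP, skipped when the flag is clear */
    port_down(&p);              /* global reset: napi_disable() */
    return p.hung;
}

int main(void) {
    printf("unpatched hangs: %d, patched hangs: %d\n", replay_flow(false), replay_flow(true));
}
```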

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
8.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-667

Affected Products 9

Vendor   Product        Version   Range
linux    linux_kernel   *         ≥4.15 – <5.4.283
linux    linux_kernel   *         ≥5.5 – <5.10.225
linux    linux_kernel   *         ≥5.11 – <5.15.166
linux    linux_kernel   *         ≥5.16 – <6.1.107
linux    linux_kernel   *         ≥6.2 – <6.6.48
linux    linux_kernel   *         ≥6.7 – <6.10.7
linux    linux_kernel   6.11      any
linux    linux_kernel   6.11      any
linux    linux_kernel   6.11      any

References 9

  • git.kernel.org https://git.kernel.org/stable/c/195918217448a6bb7f929d6a2ffffce9f1ece1cc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/67492d4d105c0a6321b00c393eec96b9a7a97a16
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6ae2b7d63cd056f363045eb65409143e16f23ae8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/be5e816d00a506719e9dbb1a9c861c5ced30a109
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/de37408d5c26fc4a296a28a0c96dcb814219bfa1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fa1d4de7265c370e673583ac8d1bd17d21826cd9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fc250eca15bde34c4c8f806b9d88f55bd56a992c
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/195918217448a6bb7f929d6a2ffffce9f1ece1cc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/67492d4d105c0a6321b00c393eec96b9a7a97a16
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6ae2b7d63cd056f363045eb65409143e16f23ae8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/be5e816d00a506719e9dbb1a9c861c5ced30a109
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/de37408d5c26fc4a296a28a0c96dcb814219bfa1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fa1d4de7265c370e673583ac8d1bd17d21826cd9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fc250eca15bde34c4c8f806b9d88f55bd56a992c
    Patch