CVE-2024-44995 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix a deadlock problem when config TC during resetting When config TC during the reset process, may cause a deadlock, the flow is as below: pf reset start │ ▼ ...... setup tc │ │ ▼ ▼ DOWN: napi_disable() napi_disable()(skip) │ │ │ ▼ ▼ ...... ...... │ │ ▼ │ napi_enable() │ ▼ UINIT: netif_napi_del() │ ▼ ...... │ ▼ INIT: netif_napi_add() │ ▼ ...... global reset start │ │ ▼ ▼ UP: napi_enable()(skip) ...... │ │ ▼ ▼ ...... napi_disable() In reset process, the driver will DOWN the port and then UINIT, in this case, the setup tc process will UP the port before UINIT, so cause the problem. Adds a DOWN process in UINIT to fix it.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Linux	Linux Kernel

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.11:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.11:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.11:rc3::::::

No data.

References

Link	Providers
https://git.kernel.org/stable/c/195918217448a6bb7f929d6a2ffffce9f1ece1cc
https://git.kernel.org/stable/c/67492d4d105c0a6321b00c393eec96b9a7a97a16
https://git.kernel.org/stable/c/6ae2b7d63cd056f363045eb65409143e16f23ae8
https://git.kernel.org/stable/c/be5e816d00a506719e9dbb1a9c861c5ced30a109
https://git.kernel.org/stable/c/de37408d5c26fc4a296a28a0c96dcb814219bfa1
https://git.kernel.org/stable/c/fa1d4de7265c370e673583ac8d1bd17d21826cd9
https://git.kernel.org/stable/c/fc250eca15bde34c4c8f806b9d88f55bd56a992c
https://lore.kernel.org/linux-cve-announce/2024090448-CVE-2024-44995-16e5@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-44995
https://www.cve.org/CVERecord?id=CVE-2024-44995

History

Wed, 16 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00054}`	epss `{'score': 0.00056}`

Sat, 12 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.0005}`	epss `{'score': 0.00054}`

Mon, 16 Sep 2024 19:00:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-833
Metrics	threat_severity `Moderate`	threat_severity `Low`

Fri, 06 Sep 2024 16:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Weaknesses		CWE-667
CPEs		cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.11:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.11:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.11:rc3::::::
Vendors & Products		Linux Linux linux Kernel

Thu, 05 Sep 2024 01:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2024090448-CVE-2024-44995-16e5@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2024-44995 https://www.cve.org/CVERecord?id=CVE-2024-44995
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Moderate`

Wed, 04 Sep 2024 21:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 04 Sep 2024 20:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix a deadlock problem when config TC during resetting When config TC during the reset process, may cause a deadlock, the flow is as below: pf reset start │ ▼ ...... setup tc │ │ ▼ ▼ DOWN: napi_disable() napi_disable()(skip) │ │ │ ▼ ▼ ...... ...... │ │ ▼ │ napi_enable() │ ▼ UINIT: netif_napi_del() │ ▼ ...... │ ▼ INIT: netif_napi_add() │ ▼ ...... global reset start │ │ ▼ ▼ UP: napi_enable()(skip) ...... │ │ ▼ ▼ ...... napi_disable() In reset process, the driver will DOWN the port and then UINIT, in this case, the setup tc process will UP the port before UINIT, so cause the problem. Adds a DOWN process in UINIT to fix it.
Title		net: hns3: fix a deadlock problem when config TC during resetting
References		https://git.kernel.org/stable/c/195918217448a6bb7f929d6a2ffffce9f1ece1cc https://git.kernel.org/stable/c/67492d4d105c0a6321b00c393eec96b9a7a97a16 https://git.kernel.org/stable/c/6ae2b7d63cd056f363045eb65409143e16f23ae8 https://git.kernel.org/stable/c/be5e816d00a506719e9dbb1a9c861c5ced30a109 https://git.kernel.org/stable/c/de37408d5c26fc4a296a28a0c96dcb814219bfa1 https://git.kernel.org/stable/c/fa1d4de7265c370e673583ac8d1bd17d21826cd9 https://git.kernel.org/stable/c/fc250eca15bde34c4c8f806b9d88f55bd56a992c

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-09-04T19:54:40.878Z

Updated: 2025-05-04T09:30:39.298Z

Reserved: 2024-08-21T05:34:56.672Z

Link: CVE-2024-44995

Vulnrichment

Updated: 2024-09-04T20:19:22.121Z

NVD

Status : Modified

Published: 2024-09-04T20:15:08.353

Modified: 2024-09-15T18:15:34.540

Link: CVE-2024-44995

Redhat

Severity : Low

Publid Date: 2024-09-04T00:00:00Z

Links: CVE-2024-44995 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-44995", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-08-21T05:34:56.672Z", "datePublished": "2024-09-04T19:54:40.878Z", "dateUpdated": "2025-05-04T09:30:39.298Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:30:39.298Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix a deadlock problem when config TC during resetting\n\nWhen config TC during the reset process, may cause a deadlock, the flow is\nas below:\n pf reset start\n \u2502\n \u25bc\n ......\nsetup tc \u2502\n \u2502 \u25bc\n \u25bc DOWN: napi_disable()\nnapi_disable()(skip) \u2502\n \u2502 \u2502\n \u25bc \u25bc\n ...... ......\n \u2502 \u2502\n \u25bc \u2502\nnapi_enable() \u2502\n \u25bc\n UINIT: netif_napi_del()\n \u2502\n \u25bc\n ......\n \u2502\n \u25bc\n INIT: netif_napi_add()\n \u2502\n \u25bc\n ...... global reset start\n \u2502 \u2502\n \u25bc \u25bc\n UP: napi_enable()(skip) ......\n \u2502 \u2502\n \u25bc \u25bc\n ...... napi_disable()\n\nIn reset process, the driver will DOWN the port and then UINIT, in this\ncase, the setup tc process will UP the port before UINIT, so cause the\nproblem. Adds a DOWN process in UINIT to fix it."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/hisilicon/hns3/hns3_enet.c"], "versions": [{"version": "bb6b94a896d4dd4dcdeccca87c3fd22521c652c0", "lessThan": "67492d4d105c0a6321b00c393eec96b9a7a97a16", "status": "affected", "versionType": "git"}, {"version": "bb6b94a896d4dd4dcdeccca87c3fd22521c652c0", "lessThan": "fc250eca15bde34c4c8f806b9d88f55bd56a992c", "status": "affected", "versionType": "git"}, {"version": "bb6b94a896d4dd4dcdeccca87c3fd22521c652c0", "lessThan": "195918217448a6bb7f929d6a2ffffce9f1ece1cc", "status": "affected", "versionType": "git"}, {"version": "bb6b94a896d4dd4dcdeccca87c3fd22521c652c0", "lessThan": "6ae2b7d63cd056f363045eb65409143e16f23ae8", "status": "affected", "versionType": "git"}, {"version": "bb6b94a896d4dd4dcdeccca87c3fd22521c652c0", "lessThan": "fa1d4de7265c370e673583ac8d1bd17d21826cd9", "status": "affected", "versionType": "git"}, {"version": "bb6b94a896d4dd4dcdeccca87c3fd22521c652c0", "lessThan": "de37408d5c26fc4a296a28a0c96dcb814219bfa1", "status": "affected", "versionType": "git"}, {"version": "bb6b94a896d4dd4dcdeccca87c3fd22521c652c0", "lessThan": "be5e816d00a506719e9dbb1a9c861c5ced30a109", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/hisilicon/hns3/hns3_enet.c"], "versions": [{"version": "4.15", "status": "affected"}, {"version": "0", "lessThan": "4.15", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.283", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.225", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.166", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.107", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.48", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10.7", "lessThanOrEqual": "6.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.11", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "5.4.283"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "5.10.225"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "5.15.166"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "6.1.107"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "6.6.48"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "6.10.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "6.11"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/67492d4d105c0a6321b00c393eec96b9a7a97a16"}, {"url": "https://git.kernel.org/stable/c/fc250eca15bde34c4c8f806b9d88f55bd56a992c"}, {"url": "https://git.kernel.org/stable/c/195918217448a6bb7f929d6a2ffffce9f1ece1cc"}, {"url": "https://git.kernel.org/stable/c/6ae2b7d63cd056f363045eb65409143e16f23ae8"}, {"url": "https://git.kernel.org/stable/c/fa1d4de7265c370e673583ac8d1bd17d21826cd9"}, {"url": "https://git.kernel.org/stable/c/de37408d5c26fc4a296a28a0c96dcb814219bfa1"}, {"url": "https://git.kernel.org/stable/c/be5e816d00a506719e9dbb1a9c861c5ced30a109"}], "title": "net: hns3: fix a deadlock problem when config TC during resetting", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-04T20:19:19.943422Z", "id": "CVE-2024-44995", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-04T20:19:31.635Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-44995", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-04T20:19:19.943422Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-04T20:19:22.121Z"}}], "cna": {"title": "net: hns3: fix a deadlock problem when config TC during resetting", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "bb6b94a896d4dd4dcdeccca87c3fd22521c652c0", "lessThan": "67492d4d105c0a6321b00c393eec96b9a7a97a16", "versionType": "git"}, {"status": "affected", "version": "bb6b94a896d4dd4dcdeccca87c3fd22521c652c0", "lessThan": "fc250eca15bde34c4c8f806b9d88f55bd56a992c", "versionType": "git"}, {"status": "affected", "version": "bb6b94a896d4dd4dcdeccca87c3fd22521c652c0", "lessThan": "195918217448a6bb7f929d6a2ffffce9f1ece1cc", "versionType": "git"}, {"status": "affected", "version": "bb6b94a896d4dd4dcdeccca87c3fd22521c652c0", "lessThan": "6ae2b7d63cd056f363045eb65409143e16f23ae8", "versionType": "git"}, {"status": "affected", "version": "bb6b94a896d4dd4dcdeccca87c3fd22521c652c0", "lessThan": "fa1d4de7265c370e673583ac8d1bd17d21826cd9", "versionType": "git"}, {"status": "affected", "version": "bb6b94a896d4dd4dcdeccca87c3fd22521c652c0", "lessThan": "de37408d5c26fc4a296a28a0c96dcb814219bfa1", "versionType": "git"}, {"status": "affected", "version": "bb6b94a896d4dd4dcdeccca87c3fd22521c652c0", "lessThan": "be5e816d00a506719e9dbb1a9c861c5ced30a109", "versionType": "git"}], "programFiles": ["drivers/net/ethernet/hisilicon/hns3/hns3_enet.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.15"}, {"status": "unaffected", "version": "0", "lessThan": "4.15", "versionType": "semver"}, {"status": "unaffected", "version": "5.4.283", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.225", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.166", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.107", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.48", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.10.7", "versionType": "semver", "lessThanOrEqual": "6.10.*"}, {"status": "unaffected", "version": "6.11", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/net/ethernet/hisilicon/hns3/hns3_enet.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/67492d4d105c0a6321b00c393eec96b9a7a97a16"}, {"url": "https://git.kernel.org/stable/c/fc250eca15bde34c4c8f806b9d88f55bd56a992c"}, {"url": "https://git.kernel.org/stable/c/195918217448a6bb7f929d6a2ffffce9f1ece1cc"}, {"url": "https://git.kernel.org/stable/c/6ae2b7d63cd056f363045eb65409143e16f23ae8"}, {"url": "https://git.kernel.org/stable/c/fa1d4de7265c370e673583ac8d1bd17d21826cd9"}, {"url": "https://git.kernel.org/stable/c/de37408d5c26fc4a296a28a0c96dcb814219bfa1"}, {"url": "https://git.kernel.org/stable/c/be5e816d00a506719e9dbb1a9c861c5ced30a109"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix a deadlock problem when config TC during resetting\n\nWhen config TC during the reset process, may cause a deadlock, the flow is\nas below:\n pf reset start\n \u2502\n \u25bc\n ......\nsetup tc \u2502\n \u2502 \u25bc\n \u25bc DOWN: napi_disable()\nnapi_disable()(skip) \u2502\n \u2502 \u2502\n \u25bc \u25bc\n ...... ......\n \u2502 \u2502\n \u25bc \u2502\nnapi_enable() \u2502\n \u25bc\n UINIT: netif_napi_del()\n \u2502\n \u25bc\n ......\n \u2502\n \u25bc\n INIT: netif_napi_add()\n \u2502\n \u25bc\n ...... global reset start\n \u2502 \u2502\n \u25bc \u25bc\n UP: napi_enable()(skip) ......\n \u2502 \u2502\n \u25bc \u25bc\n ...... napi_disable()\n\nIn reset process, the driver will DOWN the port and then UINIT, in this\ncase, the setup tc process will UP the port before UINIT, so cause the\nproblem. Adds a DOWN process in UINIT to fix it."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T09:19:51.847Z"}}}, "cveMetadata": {"cveId": "CVE-2024-44995", "state": "PUBLISHED", "dateUpdated": "2024-12-19T09:19:51.847Z", "dateReserved": "2024-08-21T05:34:56.672Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-09-04T19:54:40.878Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "087CB42F-3AD4-4BBD-B90F-8A0A1C83B5AC", "versionEndExcluding": "5.4.283", "versionStartIncluding": "4.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "C57B46A9-B105-4792-8481-1870DEFB436A", "versionEndExcluding": "5.10.225", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "913ED6CD-8ACF-48AF-AA18-7880881DD402", "versionEndExcluding": "5.15.166", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "53954FF8-CB48-4302-BC4C-9DA7A88F44A2", "versionEndExcluding": "6.1.107", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9DE9201A-CE6B-4726-BABB-8265EA0F8AE4", "versionEndExcluding": "6.6.48", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D2AFDFD1-D95A-4EB7-843B-5E7659518B67", "versionEndExcluding": "6.10.7", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*", "matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*", "matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*", "matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix a deadlock problem when config TC during resetting\n\nWhen config TC during the reset process, may cause a deadlock, the flow is\nas below:\n pf reset start\n \u2502\n \u25bc\n ......\nsetup tc \u2502\n \u2502 \u25bc\n \u25bc DOWN: napi_disable()\nnapi_disable()(skip) \u2502\n \u2502 \u2502\n \u25bc \u25bc\n ...... ......\n \u2502 \u2502\n \u25bc \u2502\nnapi_enable() \u2502\n \u25bc\n UINIT: netif_napi_del()\n \u2502\n \u25bc\n ......\n \u2502\n \u25bc\n INIT: netif_napi_add()\n \u2502\n \u25bc\n ...... global reset start\n \u2502 \u2502\n \u25bc \u25bc\n UP: napi_enable()(skip) ......\n \u2502 \u2502\n \u25bc \u25bc\n ...... napi_disable()\n\nIn reset process, the driver will DOWN the port and then UINIT, in this\ncase, the setup tc process will UP the port before UINIT, so cause the\nproblem. Adds a DOWN process in UINIT to fix it."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net:hns3: se corrige un problema de bloqueo cuando se configura TC durante el reinicio Cuando se configura TC durante el proceso de reinicio, puede causar un bloqueo, el flujo es el siguiente: pf reset start ? ? ...... setup tc ? ? ? ? DOWN: napi_disable() napi_disable()(skip) ? ? ? ? ? ...... ...... ? ? ? ? napi_enable() ? ? UINIT: netif_napi_del() ? ? ...... ? ? INIT: netif_napi_add() ? ? ...... global reset start ? ? ? ? UP: napi_enable()(skip) ...... ? ? ? ? ...... napi_disable() En el proceso de reinicio, el controlador DESACTIVAR\u00c1 el puerto y luego UINIT; en este caso, el proceso de configuraci\u00f3n tc DESACTIVAR\u00c1 el puerto antes de UINIT, lo que provocar\u00e1 el problema. Agrega un proceso DESACTIVADO en UINIT para solucionarlo."}], "id": "CVE-2024-44995", "lastModified": "2024-09-15T18:15:34.540", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-09-04T20:15:08.353", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/195918217448a6bb7f929d6a2ffffce9f1ece1cc"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/67492d4d105c0a6321b00c393eec96b9a7a97a16"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6ae2b7d63cd056f363045eb65409143e16f23ae8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/be5e816d00a506719e9dbb1a9c861c5ced30a109"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/de37408d5c26fc4a296a28a0c96dcb814219bfa1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/fa1d4de7265c370e673583ac8d1bd17d21826cd9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/fc250eca15bde34c4c8f806b9d88f55bd56a992c"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-667"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: net: hns3: fix a deadlock problem when config TC during resetting", "id": "2309858", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309858"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-833", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnet: hns3: fix a deadlock problem when config TC during resetting\nWhen config TC during the reset process, may cause a deadlock, the flow is\nas below:\npf reset start\n\u2502\n\u25bc\n......\nsetup tc \u2502\n\u2502 \u25bc\n\u25bc DOWN: napi_disable()\nnapi_disable()(skip) \u2502\n\u2502 \u2502\n\u25bc \u25bc\n...... ......\n\u2502 \u2502\n\u25bc \u2502\nnapi_enable() \u2502\n\u25bc\nUINIT: netif_napi_del()\n\u2502\n\u25bc\n......\n\u2502\n\u25bc\nINIT: netif_napi_add()\n\u2502\n\u25bc\n...... global reset start\n\u2502 \u2502\n\u25bc \u25bc\nUP: napi_enable()(skip) ......\n\u2502 \u2502\n\u25bc \u25bc\n...... napi_disable()\nIn reset process, the driver will DOWN the port and then UINIT, in this\ncase, the setup tc process will UP the port before UINIT, so cause the\nproblem. Adds a DOWN process in UINIT to fix it."], "name": "CVE-2024-44995", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-09-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-44995\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-44995\nhttps://lore.kernel.org/linux-cve-announce/2024090448-CVE-2024-44995-16e5@gregkh/T"], "threat_severity": "Low"}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object