CVE-2024-36900

net: hns3: fix kernel crash when devlink reload during initialization

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

net: hns3: fix kernel crash when devlink reload during initialization

The devlink reload process will access the hardware resources,
but the register operation is done before the hardware is initialized.
So, processing the devlink reload during initialization may lead to kernel
crash.

This patch fixes this by registering the devlink after
hardware initialization.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: hns3: soluciona el fallo del kernel cuando devlink se recarga durante la inicialización El proceso de recarga de devlink accederá a los recursos de hardware, pero la operación de registro se realiza antes de que se inicialice el hardware. Por lo tanto, procesar la recarga de devlink durante la inicialización puede provocar una falla del kernel. Este parche soluciona este problema registrando el devlink después de la inicialización del hardware.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-30 CVE Reserved
2024-05-30 CVE Published
2024-05-31 EPSS Updated
2024-08-02 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (5)

URL	Tag	Source
https://git.kernel.org/stable/c/cd6242991d2e3990c828a7c2215d2d3321f1da39	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/72ede790f5a03c3957487400a1b72ebce293a2e7	2024-05-17
https://git.kernel.org/stable/c/5c623fe0534806b627054da09b6f51b7b2f7b9cd	2024-05-17
https://git.kernel.org/stable/c/c98bc78ce0909ccc92005e2cb6609ec6c7942f69	2024-05-17
https://git.kernel.org/stable/c/35d92abfbad88cf947c010baf34b075e40566095	2024-05-09

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.15 < 6.1.91 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.15 < 6.1.91"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.15 < 6.6.31 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.15 < 6.6.31"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.15 < 6.8.10 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.15 < 6.8.10"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.15 < 6.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.15 < 6.9"		en		Affected