CVE-2024-44995

net: hns3: fix a deadlock problem when config TC during resetting

Severity Score

5.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix a deadlock problem when config TC during resetting When config TC during the reset process, may cause a deadlock, the flow is
as below: pf reset start │ ▼ ......
setup tc │ │ ▼ ▼ DOWN: napi_disable()
napi_disable()(skip) │ │ │ ▼ ▼ ...... ...... │ │ ▼ │
napi_enable() │ ▼ UINIT: netif_napi_del() │ ▼ ...... │ ▼ INIT: netif_napi_add() │ ▼ ...... global reset start │ │ ▼ ▼ UP: napi_enable()(skip) ...... │ │ ▼ ▼ ...... napi_disable() In reset process, the driver will DOWN the port and then UINIT, in this
case, the setup tc process will UP the port before UINIT, so cause the
problem. Adds a DOWN process in UINIT to fix it.

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix a deadlock problem when config TC during resetting When config TC during the reset process, may cause a deadlock, the flow is as below: pf reset start │ ▼ ...... setup tc │ │ ▼ ▼ DOWN: napi_disable() napi_disable()(skip) │ │ │ ▼ ▼ ...... ...... │ │ ▼ │ napi_enable() │ ▼ UINIT: netif_napi_del() │ ▼ ...... │ ▼ INIT: netif_napi_add() │ ▼ ...... global reset start │ │ ▼ ▼ UP: napi_enable()(skip) ...... │ │ ▼ ▼ ...... napi_disable() In reset process, the driver will DOWN the port and then UINIT, in this case, the setup tc process will UP the port before UINIT, so cause the problem. Adds a DOWN process in UINIT to fix it.

Supraja Sridhara, Benedict SchlÃ¼ter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-08-21 CVE Reserved
2024-09-04 CVE Published
2024-12-19 CVE Updated
2025-03-31 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (8)

URL	Tag	Source
https://git.kernel.org/stable/c/bb6b94a896d4dd4dcdeccca87c3fd22521c652c0	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/67492d4d105c0a6321b00c393eec96b9a7a97a16	2024-09-04
https://git.kernel.org/stable/c/fc250eca15bde34c4c8f806b9d88f55bd56a992c	2024-09-04
https://git.kernel.org/stable/c/195918217448a6bb7f929d6a2ffffce9f1ece1cc	2024-09-04
https://git.kernel.org/stable/c/6ae2b7d63cd056f363045eb65409143e16f23ae8	2024-08-29
https://git.kernel.org/stable/c/fa1d4de7265c370e673583ac8d1bd17d21826cd9	2024-08-29
https://git.kernel.org/stable/c/de37408d5c26fc4a296a28a0c96dcb814219bfa1	2024-08-29
https://git.kernel.org/stable/c/be5e816d00a506719e9dbb1a9c861c5ced30a109	2024-08-15

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.15 < 5.4.283 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 5.4.283"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.15 < 5.10.225 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 5.10.225"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.15 < 5.15.166 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 5.15.166"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.15 < 6.1.107 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 6.1.107"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.15 < 6.6.48 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 6.6.48"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.15 < 6.10.7 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 6.10.7"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.15 < 6.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 6.11"		en		Affected