CVE-2024-39507

medium

Description

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash problem in concurrent scenario When link status change, the nic driver need to notify the roce driver to handle this event, but at this time, the roce driver may uninit, then cause kernel crash. To fix the problem, when link status change, need to check whether the roce registered, and when uninit, need to wait link update finish.

References

https://git.kernel.org/stable/c/b2c5024b771cd1dd8175d5f6949accfadbab7edd

https://git.kernel.org/stable/c/6d0007f7b69d684879a0f598a042e40244d3cf63

https://git.kernel.org/stable/c/689de7c3bfc7d47e0eacc641c4ce4a0f579aeefa

https://git.kernel.org/stable/c/62b5dfb67bfa8bd0301bf3442004563495f9ee48

https://git.kernel.org/stable/c/12cda920212a49fa22d9e8b9492ac4ea013310a4

Details

Source: Mitre, NVD

Published: 2024-07-12

Updated: 2024-07-12

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium