5.5

CVE-2024-36900

net: hns3: fix kernel crash when devlink reload during initialization

In the Linux kernel, the following vulnerability has been resolved:

net: hns3: fix kernel crash when devlink reload during initialization

The devlink reload process will access the hardware resources,
but the register operation is done before the hardware is initialized.
So, processing the devlink reload during initialization may lead to kernel
crash.

This patch fixes this by registering the devlink after
hardware initialization.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.15 < 6.1.91
LinuxLinux Kernel Version >= 6.2 < 6.6.31
LinuxLinux Kernel Version >= 6.7 < 6.8.10
LinuxLinux Kernel Version6.9 Updaterc1
LinuxLinux Kernel Version6.9 Updaterc2
LinuxLinux Kernel Version6.9 Updaterc3
LinuxLinux Kernel Version6.9 Updaterc4
LinuxLinux Kernel Version6.9 Updaterc5
LinuxLinux Kernel Version6.9 Updaterc6
LinuxLinux Kernel Version6.9 Updaterc7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.129
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-908 Use of Uninitialized Resource

The product uses or accesses a resource that has not been initialized.

https://git.kernel.org/stable/c/35d92abfbad88cf947c010baf34b075e40566095
Patch
https://git.kernel.org/stable/c/5c623fe0534806b627054da09b6f51b7b2f7b9cd
Patch
https://git.kernel.org/stable/c/72ede790f5a03c3957487400a1b72ebce293a2e7
Patch
https://git.kernel.org/stable/c/c98bc78ce0909ccc92005e2cb6609ec6c7942f69
Patch