DEBIAN-CVE-2024-39507

DEBIAN-CVE-2024-39507 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash problem in concurrent scenario When link status change, the nic driver need to notify the roce driver to handle this event, but at this time, the roce driver may uninit, then cause kernel crash. To fix the problem, when link status change, need to check whether the roce registered, and when uninit, need to wait link update finish.

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:11	linux-6.1	6.1.106-3, 6.1.112-1, 6.1.106-3
Debian:14	linux	0, 0
Debian:12	linux	6.1.38-3, 6.1.38-4, *
Debian:11	linux	5.15.15-1, 5.15.15-2, 5.15.15-2~bpo11+1
Debian:13	linux	0, 0

Timeline

Jul 12, 2024 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2024-39507 advisory

Open in Interactive Console →