[SRU][N][PATCH 0/1] CVE-2024-50296
Massimiliano Pellizzer
massimiliano.pellizzer at canonical.com
Fri Mar 7 16:19:58 UTC 2025
https://ubuntu.com/security/CVE-2024-50296
[ Impact ]
net: hns3: fix kernel crash when uninstalling driver
When the driver is uninstalled and the VF is disabled concurrently, a
kernel crash occurs. The reason is that the two actions call function
pci_disable_sriov(). The num_VFs is checked to determine whether to
release the corresponding resources. During the second calling, num_VFs
is not 0 and the resource release function is called. However, the
corresponding resource has been released during the first invoking.
In this patch, when driver is removing, we get the device_lock()
to protect num_VFs, just like sriov_numvfs_store().
[ Fix ]
Oracular: Fixed via upstream stable updates (LP: #2091645)
Noble: Clean cherry pick from mainline
Jammy: Fixed via upstream stable updates (LP: #2089533)
Focal: Fixed via upstream stable updates (LP: #2089558)
[ Test Plan ]
Compiled and boot tested on arm64.
Loaded and unloded correctly the module hclge.
$ sudo modprobe hclge
$ lsmod | grep hclge
hclge 176128 0
hnae3 16384 1 hclge
$ sudo rmmod hclge
$ sudo rmmod hnae3
[ Where Problems Could Occur ]
The fix affects the hns3 driver in the networking subsystem.
A user might experience issues such as kernel panics during driver
uninstallation or when disabling virtual functions, leading to
system instability or crashes.
More information about the kernel-team
mailing list