cve-2024-53240
Vulnerability from cvelistv5
Published: 2024-12-24 09:22
Modified: 2025-01-20 06:21
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:

xen/netfront: fix crash when removing device

When removing a netfront device directly after a suspend/resume cycle it might happen that the queues have not been set up again, causing a crash during the attempt to stop the queues another time.

Fix that by checking the queues are existing before trying to stop them.

This is XSA-465 / CVE-2024-53240.
Impacted products
Vendor | Product | Version
Linux | Linux | ed773dd798bf720756d20021b8d8a4a3d7184bda
Linux | Linux | e6860c889f4ad50b6ab696f5ea154295d72cf27a
Linux | Linux | e6e897d4fe2f89c0bd94600a40bedf5e6e75e050
Linux | Linux | d50b7914fae04d840ce36491d22133070b18cca9
Linux | Linux | d50b7914fae04d840ce36491d22133070b18cca9
Linux | Linux | d50b7914fae04d840ce36491d22133070b18cca9
Linux | Linux | d50b7914fae04d840ce36491d22133070b18cca9
Linux | Linux | 6.1


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-12-24T10:02:52.820Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://xenbits.xen.org/xsa/advisory-465.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/xen-netfront.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "20f7f0cf7af5d81b218202ef504223af84b16a8f",
              "status": "affected",
              "version": "ed773dd798bf720756d20021b8d8a4a3d7184bda",
              "versionType": "git"
            },
            {
              "lessThan": "1d5354a9182b6d302ae10367cbec1ca339d4e4e7",
              "status": "affected",
              "version": "e6860c889f4ad50b6ab696f5ea154295d72cf27a",
              "versionType": "git"
            },
            {
              "lessThan": "2657ba851fa3381256d81e431b20041dc232fd88",
              "status": "affected",
              "version": "e6e897d4fe2f89c0bd94600a40bedf5e6e75e050",
              "versionType": "git"
            },
            {
              "lessThan": "8b41e6bccf7de93982781be4125211443382e66d",
              "status": "affected",
              "version": "d50b7914fae04d840ce36491d22133070b18cca9",
              "versionType": "git"
            },
            {
              "lessThan": "fe9a8f5250aed0948b668c8a4e051e3b0fc29f09",
              "status": "affected",
              "version": "d50b7914fae04d840ce36491d22133070b18cca9",
              "versionType": "git"
            },
            {
              "lessThan": "7728e974ffbf14f17648dd92ea640b42b654d47c",
              "status": "affected",
              "version": "d50b7914fae04d840ce36491d22133070b18cca9",
              "versionType": "git"
            },
            {
              "lessThan": "f9244fb55f37356f75c739c57323d9422d7aa0f8",
              "status": "affected",
              "version": "d50b7914fae04d840ce36491d22133070b18cca9",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/xen-netfront.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "lessThan": "6.1",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.288",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.232",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.175",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.121",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.67",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/netfront: fix crash when removing device\n\nWhen removing a netfront device directly after a suspend/resume cycle\nit might happen that the queues have not been setup again, causing a\ncrash during the attempt to stop the queues another time.\n\nFix that by checking the queues are existing before trying to stop\nthem.\n\nThis is XSA-465 / CVE-2024-53240."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-20T06:21:53.392Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/20f7f0cf7af5d81b218202ef504223af84b16a8f"
        },
        {
          "url": "https://git.kernel.org/stable/c/1d5354a9182b6d302ae10367cbec1ca339d4e4e7"
        },
        {
          "url": "https://git.kernel.org/stable/c/2657ba851fa3381256d81e431b20041dc232fd88"
        },
        {
          "url": "https://git.kernel.org/stable/c/8b41e6bccf7de93982781be4125211443382e66d"
        },
        {
          "url": "https://git.kernel.org/stable/c/fe9a8f5250aed0948b668c8a4e051e3b0fc29f09"
        },
        {
          "url": "https://git.kernel.org/stable/c/7728e974ffbf14f17648dd92ea640b42b654d47c"
        },
        {
          "url": "https://git.kernel.org/stable/c/f9244fb55f37356f75c739c57323d9422d7aa0f8"
        }
      ],
      "title": "xen/netfront: fix crash when removing device",
      "x_generator": {
        "engine": "bippy-5f407fcff5a0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-53240",
    "datePublished": "2024-12-24T09:22:36.448Z",
    "dateReserved": "2024-11-19T17:17:25.026Z",
    "dateUpdated": "2025-01-20T06:21:53.392Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-53240\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-12-24T10:15:06.460\",\"lastModified\":\"2024-12-24T10:15:06.460\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nxen/netfront: fix crash when removing device\\n\\nWhen removing a netfront device directly after a suspend/resume cycle\\nit might happen that the queues have not been setup again, causing a\\ncrash during the attempt to stop the queues another time.\\n\\nFix that by checking the queues are existing before trying to stop\\nthem.\\n\\nThis is XSA-465 / CVE-2024-53240.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: xen/netfront: se corrige un fallo al eliminar un dispositivo Al eliminar un dispositivo netfront directamente despu\u00e9s de un ciclo de suspensi\u00f3n/reanudaci\u00f3n, puede suceder que las colas no se hayan configurado nuevamente, lo que provoca un fallo durante el intento de detener las colas otra vez. Solucione esto comprobando que las colas existen antes de intentar detenerlas. 
Esto es XSA-465 / CVE-2024-53240.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/1d5354a9182b6d302ae10367cbec1ca339d4e4e7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/20f7f0cf7af5d81b218202ef504223af84b16a8f\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/2657ba851fa3381256d81e431b20041dc232fd88\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/7728e974ffbf14f17648dd92ea640b42b654d47c\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/8b41e6bccf7de93982781be4125211443382e66d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/f9244fb55f37356f75c739c57323d9422d7aa0f8\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/fe9a8f5250aed0948b668c8a4e051e3b0fc29f09\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"http://xenbits.xen.org/xsa/advisory-465.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

