{"vulnerability": "CVE-2024-50296", "sightings": [{"uuid": "73413459-e3eb-4d5b-ab30-6a5d4cb98be5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50296", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113507538148924735", "content": "", "creation_timestamp": "2024-11-19T03:39:42.474806Z"}, {"uuid": "8ed59f54-f379-4903-800d-d6f9eb9bc4d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50296", "type": "seen", "source": "https://t.me/cvedetector/11423", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-50296 - HuaWei Net-Series: Kernel Crash Due to Simultaneous Driver Uninstallation and VF Disabling\", \n \"Content\": \"CVE ID : CVE-2024-50296 \nPublished : Nov. 19, 2024, 2:16 a.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnet: hns3: fix kernel crash when uninstalling driver \n \nWhen the driver is uninstalled and the VF is disabled concurrently, a \nkernel crash occurs. The reason is that the two actions call function \npci_disable_sriov(). The num_VFs is checked to determine whether to \nrelease the corresponding resources. During the second calling, num_VFs \nis not 0 and the resource release function is called. However, the \ncorresponding resource has been released during the first invoking. \nTherefore, the problem occurs: \n \n[15277.839633][T50670] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020 \n... \n[15278.131557][T50670] Call trace: \n[15278.134686][T50670] klist_put+0x28/0x12c \n[15278.138682][T50670] klist_del+0x14/0x20 \n[15278.142592][T50670] device_del+0xbc/0x3c0 \n[15278.146676][T50670] pci_remove_bus_device+0x84/0x120 \n[15278.151714][T50670] pci_stop_and_remove_bus_device+0x6c/0x80 \n[15278.157447][T50670] pci_iov_remove_virtfn+0xb4/0x12c \n[15278.162485][T50670] sriov_disable+0x50/0x11c \n[15278.166829][T50670] pci_disable_sriov+0x24/0x30 \n[15278.171433][T50670] hnae3_unregister_ae_algo_prepare+0x60/0x90 [hnae3] \n[15278.178039][T50670] hclge_exit+0x28/0xd0 [hclge] \n[15278.182730][T50670] __se_sys_delete_module.isra.0+0x164/0x230 \n[15278.188550][T50670] __arm64_sys_delete_module+0x1c/0x30 \n[15278.193848][T50670] invoke_syscall+0x50/0x11c \n[15278.198278][T50670] el0_svc_common.constprop.0+0x158/0x164 \n[15278.203837][T50670] do_el0_svc+0x34/0xcc \n[15278.207834][T50670] el0_svc+0x20/0x30 \n \nFor details, see the following figure. \n \n rmmod hclge disable VFs \n---------------------------------------------------- \nhclge_exit() sriov_numvfs_store() \n ... device_lock() \n pci_disable_sriov() hns3_pci_sriov_configure() \n pci_disable_sriov() \n sriov_disable() \n sriov_disable() if !num_VFs : \n if !num_VFs : return; \n return; sriov_del_vfs() \n sriov_del_vfs() ... \n ... klist_put() \n klist_put() ... \n ... num_VFs = 0; \n num_VFs = 0; device_unlock(); \n \nIn this patch, when driver is removing, we get the device_lock() \nto protect num_VFs, just like sriov_numvfs_store(). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"19 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-19T04:16:04.000000Z"}, {"uuid": "5dc4aef3-f760-4202-8547-20f2fd0b7db9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50296", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}]}