CVE-2024-26820

2024-04-1700:00:00

ubuntu.com

linux kernel

vulnerability

hv_netvsc

driver

netvsc_probe

netdevice

vmbus_driver_register

exploitation

administrative privilege

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.2%

JSON

In the Linux kernel, the following vulnerability has been resolved:
hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed If
hv_netvsc driver is unloaded and reloaded, the NET_DEVICE_REGISTER handler
cannot perform VF register successfully as the register call is received
before netvsc_probe is finished. This is because we register
register_netdevice_notifier() very early( even before
vmbus_driver_register()). To fix this, we try to register each such
matching VF( if it is visible as a netdevice) at the end of netvsc_probe.

Notes

Author	Note
	Priority reason: Exploitation requires unloading and reloading kernel modules, operations the require administrative privilege.

OSVersionArchitecturePackageVersionFilename
ubuntu20.04noarchlinux< anyUNKNOWN
ubuntu22.04noarchlinux< 5.15.0-112.122UNKNOWN
ubuntu23.10noarchlinux< anyUNKNOWN
ubuntu20.04noarchlinux-aws< anyUNKNOWN
ubuntu22.04noarchlinux-aws< 5.15.0-1063.69UNKNOWN
ubuntu23.10noarchlinux-aws< anyUNKNOWN
ubuntu20.04noarchlinux-aws-5.15< 5.15.0-1063.69~20.04.1UNKNOWN
ubuntu22.04noarchlinux-aws-6.5< anyUNKNOWN
ubuntu20.04noarchlinux-bluefield< anyUNKNOWN
ubuntu20.04noarchlinux-gcp< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	20.04	noarch	linux	< any	UNKNOWN
ubuntu	22.04	noarch	linux	< 5.15.0-112.122	UNKNOWN
ubuntu	23.10	noarch	linux	< any	UNKNOWN
ubuntu	20.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	22.04	noarch	linux-aws	< 5.15.0-1063.69	UNKNOWN
ubuntu	23.10	noarch	linux-aws	< any	UNKNOWN
ubuntu	20.04	noarch	linux-aws-5.15	< 5.15.0-1063.69~20.04.1	UNKNOWN
ubuntu	22.04	noarch	linux-aws-6.5	< any	UNKNOWN
ubuntu	20.04	noarch	linux-bluefield	< any	UNKNOWN
ubuntu	20.04	noarch	linux-gcp	< any	UNKNOWN