PT-2024-21473 · Linux+9 · Linux Kernel+9

Souradeep Chakrabarti

Published

2024-04-03

Updated

2025-09-29

CVE-2024-26698

CVSS v3.1

4.7

Medium

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A race condition between netvsc probe and netvsc remove has been resolved in the Linux kernel. The issue occurred when napi disable was called for all channels, including subchannels, without confirming if they were enabled or not. This caused hv netvsc to get hung at napi disable when netvsc probe() finished running but nvdev->subchan work had not started yet. The fix ensures that napi disable() is not called for non-enabled NAPI structs. netif napi del() is still necessary for these non-enabled NAPI structs for cleanup purposes.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

ALSA-2024:5101

ALSA-2025_16880

CESA-2024_5101

CVE-2024-26698

DLA-3842-1

DSA-5658-1

DSA-5681-1

INFSA-2024_5101

OESA-2024-1520

OESA-2024-1524

OESA-2024-1536

OESA-2024-1541

RHSA-2024:4823

RHSA-2024:4831

RHSA-2024:5101

RHSA-2024:6297

RHSA-2024:6993

RHSA-2024_5101

RLSA-2024:5101

RXSA-2024:5101

SUSE-SU-2024:2008-1

SUSE-SU-2024:2019-1

SUSE-SU-2024:2190-1

USN-6766-1

USN-6766-2

USN-6766-3

USN-6795-1

USN-6828-1

USN-6895-1

USN-6895-2

USN-6895-3

USN-6895-4

USN-6900-1

Affected Products

Almalinux

Astra Linux

Centos

Linuxmint

Linux Kernel

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

PT-2024-21473 · Linux+9 · Linux Kernel+9

CVE-2024-26698

Weakness Enumeration

Related Identifiers

Affected Products

References · 2016