CVE-2024-50296

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A kernel crash occurs when the driver is uninstalled and the Virtual Function (VF) is disabled concurrently. This happens because the two actions call the pci disable sriov() function, which checks the num VFs variable to determine whether to release the corresponding resources. During the second call, num VFs is not 0, and the resource release function is called, but the corresponding resource has already been released during the first invocation, resulting in a kernel crash.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.