PT-2024-9314 · Linux+7 · Linux Kernel+7

Published

2024-06-07

Updated

2026-03-14

CVE-2024-39507

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The issue is related to a kernel crash problem in a concurrent scenario. When the link status changes, the nic driver needs to notify the roce driver to handle this event. However, if the roce driver uninitializes at this time, it may cause a kernel crash. To fix the problem, the system needs to check whether the roce driver is registered when the link status changes and wait for the link update to finish when uninitializing.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Improper Locking

Use of Uninitialized Resource

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-667CWE-908

Related Identifiers

ALSA-2025_12746

ALSA-2025_12752

ALSA-2025_12753

ALSA-2025_16880

BDU:2024-11003

CVE-2024-39507

DLA-4008-1

DSA-5731-1

INFSA-2024_9315

OESA-2024-1962

OPENSUSE-SU-2024_2947-1

RHSA-2024:10771

RHSA-2024:9315

RHSA-2024_9315

SUSE-SU-2024:2802-1

SUSE-SU-2024:2892-1

SUSE-SU-2024:2894-1

SUSE-SU-2024:2896-1

SUSE-SU-2024:2901-1

SUSE-SU-2024:2939-1

SUSE-SU-2024:2940-1

SUSE-SU-2024:2947-1

SUSE-SU-2024:2973-1

SUSE-SU-2025:20008-1

SUSE-SU-2025:20028-1

USN-6999-1

USN-6999-2

USN-7004-1

USN-7005-1

USN-7005-2

USN-7007-1

USN-7007-2

USN-7007-3

USN-7008-1

USN-7009-1

USN-7009-2

USN-7019-1

USN-7029-1

Affected Products

Astra Linux

Debian

Linuxmint

Linux Kernel

Red Hat

Red Os

Suse

Ubuntu

PT-2024-9314 · Linux+7 · Linux Kernel+7

CVE-2024-39507

Weakness Enumeration

Related Identifiers

Affected Products

References · 3357