CVE-2024-53240
xen/netfront: fix crash when removing device
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.6%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
24 Dec 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In the Linux kernel, the following vulnerability has been resolved:
xen/netfront: fix crash when removing device
When removing a netfront device directly after a suspend/resume cycle
it might happen that the queues have not been setup again, causing a
crash during the attempt to stop the queues another time.
Fix that by checking the queues are existing before trying to stop
them.
This is XSA-465 / CVE-2024-53240.
Affected products
Linux · LinuxWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://git.kernel.org/stable/c/1d5354a9182b6d302ae10367cbec1ca339d4e4e7https://git.kernel.org/stable/c/20f7f0cf7af5d81b218202ef504223af84b16a8fhttps://git.kernel.org/stable/c/2657ba851fa3381256d81e431b20041dc232fd88https://git.kernel.org/stable/c/7728e974ffbf14f17648dd92ea640b42b654d47chttps://git.kernel.org/stable/c/8b41e6bccf7de93982781be4125211443382e66dhttps://git.kernel.org/stable/c/f9244fb55f37356f75c739c57323d9422d7aa0f8https://git.kernel.org/stable/c/fe9a8f5250aed0948b668c8a4e051e3b0fc29f09https://lists.debian.org/debian-lts-announce/2025/03/msg00001.htmlhttps://lists.debian.org/debian-lts-announce/2025/03/msg00002.htmlhttp://xenbits.xen.org/xsa/advisory-465.html