CVE-2024-36021

5.5 MEDIUM

📋 TL;DR

A race condition vulnerability in the Linux kernel's HNS3 network driver allows kernel crashes when devlink reload commands are issued during PF (Physical Function) initialization. This affects systems using Huawei HNS3 network hardware with vulnerable kernel versions. The crash occurs due to hardware resource access before proper initialization.

💻 Affected Systems

Products:
  • Linux kernel with HNS3 network driver
Versions: Specific kernel versions containing the vulnerable code (check git commits for exact ranges)
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with Huawei HNS3 network hardware. Requires devlink reload operation during PF initialization phase.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to system crash and denial of service, requiring physical or remote console access for recovery.

🟠

Likely Case

System crash during network interface initialization or maintenance operations, causing temporary service disruption.

🟢

If Mitigated

No impact if patched or if devlink reload operations are avoided during initialization.

🌐 Internet-Facing: LOW - Requires local access or specific administrative actions, not directly exploitable from network.
🏢 Internal Only: MEDIUM - Could be triggered by administrators performing network maintenance or automation scripts during boot/initialization.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires timing devlink reload commands precisely during initialization phase. More likely to occur accidentally during maintenance than maliciously.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits: 1b550dae55901c2cc9075d6a7155a71b4f516e86, 50b69054f455dcdb34bd6b22764c7579b270eef3, 7ca0f73e5e2da3c129935b97f3a0877cce8ebdf5, 93305b77ffcb042f1538ecc383505e87d95aa05a

Vendor Advisory: https://git.kernel.org/stable/c/1b550dae55901c2cc9075d6a7155a71b4f516e86

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version.
2. Reboot system.
3. Verify kernel version and that HNS3 driver loads without issues.

🔧 Temporary Workarounds

Avoid devlink reload during initialization

Prevent devlink reload operations during system boot or HNS3 PF initialization phases

# Ensure no automation scripts run 'devlink dev reload' during boot
# Monitor system logs for HNS3 initialization completion before running any devlink commands

🧯 If You Can't Patch

  • Avoid using devlink reload commands on systems with HNS3 hardware
  • Implement monitoring to detect and alert on kernel panic events related to HNS3 driver

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if HNS3 driver is loaded: 'uname -r' and 'lsmod | grep hns3'

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes the fix commits and test devlink reload after HNS3 initialization completes

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • HNS3 driver initialization failures
  • System crash/reboot events

Network Indicators:

  • Network interface disappearance
  • Loss of connectivity on HNS3 interfaces

SIEM Query:

event_source="kernel" AND (message CONTAINS "panic" OR message CONTAINS "hns3" OR message CONTAINS "Oops")
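
The query above matches every log line that mentions hns3, including routine ones. The following added example (not part of the original advisory) reports a crash marker only when hns3 appears in the lines that follow it, and records whether devlink shows up in the same dump. The log lines, the window size and the function names are constructed for illustration.

```python
import re

# Crash markers taken from the page's SIEM query.
CRASH = re.compile(r"panic|Oops", re.IGNORECASE)

# Constructed kernel-log lines for illustration; not captured from a real system.
SAMPLE_LOG = [
    "kernel: hns3 0000:7d:00.0 eth0: link up",
    "kernel: Internal error: Oops: 96000004 [#1] SMP",
    "kernel: CPU: 4 PID: 812 Comm: devlink Not tainted",
    "kernel: Call trace:",
    "kernel:  constructed_frame+0x10/0x40 [hns3]",
    "kernel: usb 1-1: new high-speed USB device",
    "kernel: Oops: general protection fault [#2] SMP",
    "kernel: CPU: 1 PID: 90 Comm: kworker/1:0 Not tainted",
    "kernel:  other_frame+0x8/0x20 [othermod]",
]


def naive_matches(lines):
    """Lines the bare OR query would return (any of the three terms)."""
    return [l for l in lines if CRASH.search(l) or "hns3" in l]


def find_hns3_crashes(lines, window=15):
    """Return crash events whose trailing context mentions hns3.

    Each event holds the 1-based line number of the crash marker, the marker
    text, and whether 'devlink' (the trigger named in the advisory) appears
    in the same context window.
    """
    events = []
    i = 0
    while i < len(lines):
        if not CRASH.search(lines[i]):
            i += 1
            continue
        context = lines[i:i + window]
        if any("hns3" in l for l in context):
            events.append({
                "line": i + 1,
                "marker": lines[i].strip(),
                "devlink": any("devlink" in l for l in context),
            })
        i += window  # skip the rest of this crash dump
    return events


if __name__ == "__main__":
    print(len(naive_matches(SAMPLE_LOG)), "lines match the bare query")
    for ev in find_hns3_crashes(SAMPLE_LOG, window=4):
        print(ev)
```

On the constructed sample the bare query returns the benign link-up line and the unrelated Oops as well, while the correlated check returns only the crash whose trace references hns3.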
