CVE-2024-44995
📋 TL;DR
A race condition in the Linux kernel's HNS3 network driver can cause a deadlock when configuring traffic control (TC) during a reset process. This vulnerability affects systems using Huawei HNS3 network hardware with vulnerable kernel versions, potentially causing network service disruption.
💻 Affected Systems
- Linux kernel with HNS3 driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Complete network interface deadlock requiring system reboot to restore connectivity
Likely Case
Network interface becomes unresponsive, causing service disruption until manual intervention
If Mitigated
Minor performance impact during TC configuration operations
🎯 Exploit Status
Exploitation requires privileged access to trigger TC configuration during reset; race condition makes timing difficult
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions with commits 195918217448a6bb7f929d6a2ffffce9f1ece1cc or later
Vendor Advisory: https://git.kernel.org/stable/c/195918217448a6bb7f929d6a2ffffce9f1ece1cc
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version
2. Reboot system to load new kernel
3. Verify HNS3 driver is updated
🔧 Temporary Workarounds
Avoid TC configuration during resets
linuxPrevent triggering the race condition by avoiding traffic control configuration operations during network interface resets
🧯 If You Can't Patch
- Monitor for network interface resets and avoid TC configuration during those periods
- Implement network redundancy to minimize impact if HNS3 interface becomes unresponsive
🔍 How to Verify
Check if Vulnerable:
Check kernel version and verify if HNS3 driver is loaded: lsmod | grep hns3 && uname -rCheck Version:
uname -rVerify Fix Applied:
Verify kernel includes fix commit: git log --oneline | grep -i '195918217448a6bb7f929d6a2ffffce9f1ece1cc'📡 Detection & Monitoring
Log Indicators:
- Kernel logs showing HNS3 driver errors
- Network interface resets followed by TC configuration attempts
Network Indicators:
- Sudden loss of network connectivity on HNS3 interfaces
- Increased network errors on affected interfaces
SIEM Query:
source="kernel" AND ("hns3" OR "TC") AND ("deadlock" OR "reset" OR "napi")🔗 References
- https://git.kernel.org/stable/c/195918217448a6bb7f929d6a2ffffce9f1ece1cc
- https://git.kernel.org/stable/c/67492d4d105c0a6321b00c393eec96b9a7a97a16
- https://git.kernel.org/stable/c/6ae2b7d63cd056f363045eb65409143e16f23ae8
- https://git.kernel.org/stable/c/be5e816d00a506719e9dbb1a9c861c5ced30a109
- https://git.kernel.org/stable/c/de37408d5c26fc4a296a28a0c96dcb814219bfa1
- https://git.kernel.org/stable/c/fa1d4de7265c370e673583ac8d1bd17d21826cd9
- https://git.kernel.org/stable/c/fc250eca15bde34c4c8f806b9d88f55bd56a992c
- https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
