CVE-2024-46784
📋 TL;DR
A race condition in the Linux kernel's Microsoft Azure Network Adapter (MANA) driver causes kernel panic when network queue cleanup occurs before NAPI is properly initialized. This affects Linux systems using the MANA driver for Azure networking, potentially causing system crashes and denial of service.
💻 Affected Systems
- Linux kernel with MANA driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
System crash leading to denial of service, requiring physical or remote console access to reboot the affected system.
Likely Case
System crash during network interface configuration changes or driver initialization, causing temporary service disruption.
If Mitigated
No impact if patched or if MANA driver is not in use.
🎯 Exploit Status
Requires ability to trigger network queue creation/destruction, typically through privileged operations or driver initialization.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Linux kernel with fixes from stable commits referenced in CVE
Vendor Advisory: https://git.kernel.org/stable/c/386617efacab10bf5bb40bde403467c57cc00470
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing fixes 2. Reboot system 3. Verify MANA driver loads without errors
🔧 Temporary Workarounds
Disable MANA driver
linuxPrevent loading of vulnerable MANA driver module
echo 'blacklist mana' >> /etc/modprobe.d/blacklist.conf
rmmod mana
update-initramfs -u
🧯 If You Can't Patch
- Avoid network interface configuration changes on systems using MANA driver
- Monitor system logs for kernel panic events related to MANA driver
🔍 How to Verify
Check if Vulnerable:
Check if MANA driver is loaded: lsmod | grep mana && check kernel version against patched versionsCheck Version:
uname -rVerify Fix Applied:
Verify kernel version includes fixes and MANA driver loads without errors during network operations📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages containing 'mana_destroy_rxq' or 'napi_disable'
- System crash/reboot events
Network Indicators:
- Network interface failures on Azure VMs with MANA
SIEM Query:
event_source:kernel AND (message:"mana_destroy_rxq" OR message:"napi_disable")🔗 References
- https://git.kernel.org/stable/c/386617efacab10bf5bb40bde403467c57cc00470
- https://git.kernel.org/stable/c/4982a47154f0b50de81ee0a0b169a3fc74120a65
- https://git.kernel.org/stable/c/9178eb8ebcd887ab75e54ac40d538e54bb9c7788
- https://git.kernel.org/stable/c/9e0bff4900b5d412a9bafe4baeaa6facd34f671c
- https://git.kernel.org/stable/c/b6ecc662037694488bfff7c9fd21c405df8411f2
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
