{"uuid": "100e9b37-53e3-4f15-a75b-24c0ab7bda86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50040", "type": "seen", "source": "https://t.me/cvedetector/8559", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50040 - Intel igb PCIe Non-Fatal Error Handling Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50040 \nPublished : Oct. 21, 2024, 8:15 p.m. | 16\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nigb: Do not bring the device up after non-fatal error  \n  \nCommit 004d25060c78 (\"igb: Fix igb_down hung on surprise removal\")  \nchanged igb_io_error_detected() to ignore non-fatal pcie errors in order  \nto avoid hung task that can happen when igb_down() is called multiple  \ntimes. This caused an issue when processing transient non-fatal errors.  \nigb_io_resume(), which is called after igb_io_error_detected(), assumes  \nthat device is brought down by igb_io_error_detected() if the interface  \nis up. This resulted in panic with stacktrace below.  \n  \n[ T3256] igb 0000:09:00.0 haeth0: igb: haeth0 NIC Link is Down  \n[  T292] pcieport 0000:00:1c.5: AER: Uncorrected (Non-Fatal) error received: 0000:09:00.0  \n[  T292] igb 0000:09:00.0: PCIe Bus Error: severity=Uncorrected (Non-Fatal), type=Transaction Layer, (Requester ID)  \n[  T292] igb 0000:09:00.0:   device [8086:1537] error status/mask=00004000/00000000  \n[  T292] igb 0000:09:00.0:    [14] CmpltTO [  200.105524,009][  T292] igb 0000:09:00.0: AER:   TLP Header: 00000000 00000000 00000000 00000000  \n[  T292] pcieport 0000:00:1c.5: AER: broadcast error_detected message  \n[  T292] igb 0000:09:00.0: Non-correctable non-fatal error reported.  
\n[  T292] pcieport 0000:00:1c.5: AER: broadcast mmio_enabled message  \n[  T292] pcieport 0000:00:1c.5: AER: broadcast resume message  \n[  T292] ------------[ cut here ]------------  \n[  T292] kernel BUG at net/core/dev.c:6539!  \n[  T292] invalid opcode: 0000 [#1] PREEMPT SMP  \n[  T292] RIP: 0010:napi_enable+0x37/0x40  \n[  T292] Call Trace:  \n[  T292]    \n[  T292]  ? die+0x33/0x90  \n[  T292]  ? do_trap+0xdc/0x110  \n[  T292]  ? napi_enable+0x37/0x40  \n[  T292]  ? do_error_trap+0x70/0xb0  \n[  T292]  ? napi_enable+0x37/0x40  \n[  T292]  ? napi_enable+0x37/0x40  \n[  T292]  ? exc_invalid_op+0x4e/0x70  \n[  T292]  ? napi_enable+0x37/0x40  \n[  T292]  ? asm_exc_invalid_op+0x16/0x20  \n[  T292]  ? napi_enable+0x37/0x40  \n[  T292]  igb_up+0x41/0x150  \n[  T292]  igb_io_resume+0x25/0x70  \n[  T292]  report_resume+0x54/0x70  \n[  T292]  ? report_frozen_detected+0x20/0x20  \n[  T292]  pci_walk_bus+0x6c/0x90  \n[  T292]  ? aer_print_port_info+0xa0/0xa0  \n[  T292]  pcie_do_recovery+0x22f/0x380  \n[  T292]  aer_process_err_devices+0x110/0x160  \n[  T292]  aer_isr+0x1c1/0x1e0  \n[  T292]  ? disable_irq_nosync+0x10/0x10  \n[  T292]  irq_thread_fn+0x1a/0x60  \n[  T292]  irq_thread+0xe3/0x1a0  \n[  T292]  ? irq_set_affinity_notifier+0x120/0x120  \n[  T292]  ? irq_affinity_notify+0x100/0x100  \n[  T292]  kthread+0xe2/0x110  \n[  T292]  ? kthread_complete_and_exit+0x20/0x20  \n[  T292]  ret_from_fork+0x2d/0x50  \n[  T292]  ? kthread_complete_and_exit+0x20/0x20  \n[  T292]  ret_from_fork_asm+0x11/0x20  \n[  T292]    \n  \nTo fix this issue igb_io_resume() checks if the interface is running and  \nthe device is not down; this means igb_io_error_detected() did not bring  \nthe device down and there is no need to bring it up. 
\nSeverity: 0.0 | NA\",\n  \"Detection Date\": \"21 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}", "creation_timestamp": "2024-10-21T22:43:11.000000Z"}