
CVE-2024-36887: Vulnerability in the Linux kernel

Severity: Medium
Published: Thu May 30 2024 (05/30/2024, 15:28:55 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

e1000e: change usleep_range to udelay in PHY mdic access

This is a partial revert of commit 6dbdd4de0362 ("e1000e: Workaround for sporadic MDI error on Meteor Lake systems"). The referenced commit used usleep_range inside the PHY access routines, which are sometimes called from an atomic context. This can lead to a kernel panic in some scenarios, such as cable disconnection and reconnection on vPro systems. Solve this by changing the usleep_range calls back to udelay.

AI-Powered Analysis

AI last updated: 06/29/2025, 09:54:57 UTC

Technical Analysis

CVE-2024-36887 is a vulnerability identified in the Linux kernel's e1000e network driver, specifically related to the handling of PHY (physical layer) MDIC (Management Data Input/Output Controller) access routines. The issue stems from the use of the usleep_range function within these routines, which are sometimes invoked in atomic contexts where sleeping is not permitted. The original commit (6dbdd4de0362) introduced a workaround for sporadic MDI errors on Intel Meteor Lake systems by replacing udelay calls with usleep_range. However, this change inadvertently caused kernel panics under certain conditions, such as cable disconnection and reconnection on systems using Intel vPro technology. The vulnerability arises because usleep_range can sleep, which is unsafe in atomic contexts, leading to kernel instability or crashes. The fix involves reverting the usleep_range calls back to udelay, which is a busy-wait delay function safe to use in atomic contexts, thereby preventing kernel panics triggered by improper sleep calls in critical code paths. This vulnerability affects specific Linux kernel versions containing the problematic commits and is relevant for systems running the e1000e driver, commonly used for Intel Gigabit Ethernet adapters. Although no known exploits are reported in the wild, the vulnerability can cause denial of service through kernel panics, impacting system availability.

Potential Impact

For European organizations, this vulnerability primarily threatens system stability and availability, especially for servers and endpoints using Intel Ethernet hardware with the affected Linux kernel versions. Kernel panics can lead to unexpected system reboots or crashes, disrupting critical services and operations. Organizations relying on Linux-based infrastructure with Intel network adapters, particularly those using Intel vPro systems, may experience network outages or degraded performance during cable events or network interface resets. This can affect data centers, cloud service providers, telecommunications infrastructure, and enterprise IT environments. The impact is more pronounced in environments requiring high availability and uptime, such as financial institutions, healthcare providers, and public sector organizations. While confidentiality and integrity are not directly compromised, the denial of service effect can indirectly affect business continuity and operational resilience.

Mitigation Recommendations

European organizations should promptly apply the Linux kernel patches that revert the usleep_range calls to udelay in the e1000e driver. This requires updating to the fixed kernel versions or backporting the patch if using long-term support kernels. Network administrators should audit their systems to identify those running affected kernel versions with Intel e1000e drivers, especially on Intel vPro hardware. In environments where immediate patching is not feasible, temporary mitigation could include avoiding physical network cable disconnections or reconnections on affected systems to reduce the risk of triggering kernel panics. Additionally, organizations should implement robust monitoring and alerting for kernel panics and network interface resets to enable rapid response. Testing patches in staging environments before production deployment is recommended to ensure compatibility and stability. Maintaining up-to-date firmware and drivers for Intel network hardware can also help reduce related issues.


Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2024-05-30T15:25:07.065Z
CISA Enriched: true
CVSS Version: null
State: PUBLISHED

Threat ID: 682d9828c4522896dcbe258b

Added to database: 5/21/2025, 9:08:56 AM

Last enriched: 6/29/2025, 9:54:57 AM

Last updated: 8/15/2025, 6:28:43 AM
