CVE-2024-50040: Vulnerability in Linux Linux

High
Published: Mon Oct 21 2024 (10/21/2024, 19:39:39 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

igb: Do not bring the device up after non-fatal error

Commit 004d25060c78 ("igb: Fix igb_down hung on surprise removal") changed igb_io_error_detected() to ignore non-fatal pcie errors in order to avoid hung task that can happen when igb_down() is called multiple times. This caused an issue when processing transient non-fatal errors. igb_io_resume(), which is called after igb_io_error_detected(), assumes that device is brought down by igb_io_error_detected() if the interface is up. This resulted in panic with stacktrace below.

    [ T3256] igb 0000:09:00.0 haeth0: igb: haeth0 NIC Link is Down
    [ T292] pcieport 0000:00:1c.5: AER: Uncorrected (Non-Fatal) error received: 0000:09:00.0
    [ T292] igb 0000:09:00.0: PCIe Bus Error: severity=Uncorrected (Non-Fatal), type=Transaction Layer, (Requester ID)
    [ T292] igb 0000:09:00.0: device [8086:1537] error status/mask=00004000/00000000
    [ T292] igb 0000:09:00.0: [14] CmpltTO
    [ 200.105524,009][ T292] igb 0000:09:00.0: AER: TLP Header: 00000000 00000000 00000000 00000000
    [ T292] pcieport 0000:00:1c.5: AER: broadcast error_detected message
    [ T292] igb 0000:09:00.0: Non-correctable non-fatal error reported.
    [ T292] pcieport 0000:00:1c.5: AER: broadcast mmio_enabled message
    [ T292] pcieport 0000:00:1c.5: AER: broadcast resume message
    [ T292] ------------[ cut here ]------------
    [ T292] kernel BUG at net/core/dev.c:6539!
    [ T292] invalid opcode: 0000 [#1] PREEMPT SMP
    [ T292] RIP: 0010:napi_enable+0x37/0x40
    [ T292] Call Trace:
    [ T292] <TASK>
    [ T292] ? die+0x33/0x90
    [ T292] ? do_trap+0xdc/0x110
    [ T292] ? napi_enable+0x37/0x40
    [ T292] ? do_error_trap+0x70/0xb0
    [ T292] ? napi_enable+0x37/0x40
    [ T292] ? napi_enable+0x37/0x40
    [ T292] ? exc_invalid_op+0x4e/0x70
    [ T292] ? napi_enable+0x37/0x40
    [ T292] ? asm_exc_invalid_op+0x16/0x20
    [ T292] ? napi_enable+0x37/0x40
    [ T292] igb_up+0x41/0x150
    [ T292] igb_io_resume+0x25/0x70
    [ T292] report_resume+0x54/0x70
    [ T292] ? report_frozen_detected+0x20/0x20
    [ T292] pci_walk_bus+0x6c/0x90
    [ T292] ? aer_print_port_info+0xa0/0xa0
    [ T292] pcie_do_recovery+0x22f/0x380
    [ T292] aer_process_err_devices+0x110/0x160
    [ T292] aer_isr+0x1c1/0x1e0
    [ T292] ? disable_irq_nosync+0x10/0x10
    [ T292] irq_thread_fn+0x1a/0x60
    [ T292] irq_thread+0xe3/0x1a0
    [ T292] ? irq_set_affinity_notifier+0x120/0x120
    [ T292] ? irq_affinity_notify+0x100/0x100
    [ T292] kthread+0xe2/0x110
    [ T292] ? kthread_complete_and_exit+0x20/0x20
    [ T292] ret_from_fork+0x2d/0x50
    [ T292] ? kthread_complete_and_exit+0x20/0x20
    [ T292] ret_from_fork_asm+0x11/0x20
    [ T292] </TASK>

To fix this issue, igb_io_resume() checks if the interface is running and the device is not down; this means igb_io_error_detected() did not bring the device down and there is no need to bring it up.

AI-Powered Analysis

Last updated: 06/27/2025, 21:54:32 UTC

Technical Analysis

CVE-2024-50040 is a vulnerability in the Linux kernel's igb network driver, which manages Intel Gigabit Ethernet adapters. The flaw arises from improper handling of non-fatal PCIe errors during device error recovery. Commit 004d25060c78 changed igb_io_error_detected() to ignore non-fatal PCIe errors in order to prevent hung tasks caused by multiple calls to igb_down(). That change introduced a logic inconsistency: igb_io_resume() assumes the device was brought down whenever the interface is up, so it attempts to bring the device back up even when igb_io_error_detected() never brought it down. The result is a kernel BUG at net/core/dev.c in napi_enable(), reached through igb_up(), which is reported as an invalid opcode and crashes the system. The stack trace shows the panic occurring during PCIe Advanced Error Reporting (AER) handling, after a non-fatal but uncorrectable PCIe transaction layer error is detected.

The root cause is that igb_io_resume() does not verify whether the device was actually brought down before attempting to bring it up. The fix makes igb_io_resume() check whether the interface is running and the device is not down; in that case igb_io_error_detected() did not bring the device down, so igb_io_resume() does not bring it up, which prevents the panic.

This vulnerability affects Linux kernel versions that contain commit 004d25060c78 but not the fix. Exploitation requires triggering specific PCIe non-fatal errors on affected Intel igb network devices, which could be induced by hardware faults or potentially malicious PCIe transactions. While no known exploits are reported in the wild, the vulnerability can cause denial of service via system crashes on affected systems using the igb driver for Intel Gigabit Ethernet adapters.
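
The state mismatch described above, as an added user-space model in C (not code from the igb driver or from this page). The struct fields and the recover() helper are illustrative assumptions, and fatal-error handling is simplified to a single igb_down() call.

```c
#include <stdbool.h>
#include <stdio.h>
/* User-space model of the igb AER recovery callbacks; not kernel code. */
struct adapter {
    bool running, down, napi_enabled; /* interface up; device brought down; NAPI on */
    int  bugs;                        /* times napi_enable() would have hit BUG */
};

static void napi_enable(struct adapter *a)
{
    a->bugs += a->napi_enabled;       /* enabling NAPI that was never disabled */
    a->napi_enabled = true;
}

static void igb_up(struct adapter *a)   { napi_enable(a); a->down = false; }
static void igb_down(struct adapter *a) { a->napi_enabled = false; a->down = true; }

/* Since commit 004d25060c78, non-fatal errors leave the device up. */
static void io_error_detected(struct adapter *a, bool fatal)
{
    if (fatal && a->running)
        igb_down(a);
}

/* fixed=false: resume as before the fix; fixed=true: with the state check. */
static void io_resume(struct adapter *a, bool fixed)
{
    if (!a->running)
        return;
    if (fixed && !a->down)
        return;                       /* never brought down: nothing to bring up */
    igb_up(a);
}

/* One error/resume cycle on an interface that is up; returns the BUG count. */
int recover(bool fatal, bool fixed)
{
    struct adapter a = { .running = true, .napi_enabled = true };
    io_error_detected(&a, fatal);
    io_resume(&a, fixed);
    return a.bugs;
}

int main(void)
{
    printf("BUG hits: non-fatal/unfixed=%d non-fatal/fixed=%d fatal/fixed=%d\n",
           recover(false, false), recover(false, true), recover(true, true));
    return 0;
}
```

Only the non-fatal path without the state check reaches napi_enable() on an already enabled NAPI context; the fatal path is unaffected because the device really was brought down first.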

Potential Impact

For European organizations, this vulnerability poses a risk primarily to servers and network infrastructure running Linux with Intel igb network adapters. The impact is a denial of service condition caused by kernel panics, which can disrupt critical network services, data center operations, and enterprise applications relying on stable network connectivity. Organizations in sectors such as finance, telecommunications, government, and cloud service providers could face operational outages and potential data loss due to unexpected system crashes. The vulnerability could also affect embedded Linux systems in industrial control or telecommunications equipment prevalent in Europe. Although exploitation requires specific PCIe error conditions, accidental hardware faults or targeted attacks exploiting PCIe vulnerabilities could trigger this issue. The disruption of network interfaces can degrade availability and reliability of IT services, impacting business continuity and potentially violating regulatory requirements for uptime and data integrity in European jurisdictions.

Mitigation Recommendations

European organizations should prioritize updating Linux kernels to versions containing the fix for CVE-2024-50040 as soon as possible. Kernel patches that implement the corrected logic in igb_io_resume() must be applied to prevent kernel panics. Network administrators should audit systems using Intel igb network adapters to identify vulnerable kernel versions. In environments where immediate patching is not feasible, monitoring PCIe error logs and network interface status can help detect early signs of the issue. Hardware diagnostics should be performed to rule out faulty PCIe devices causing non-fatal errors. Additionally, implementing PCIe error containment features and isolating critical network devices can reduce the risk of error propagation. Organizations should also consider deploying kernel crash dump analysis tools to quickly identify and respond to related panics. For high-availability environments, redundant network paths and failover mechanisms can mitigate service disruption. Finally, educating system administrators about this specific vulnerability and its symptoms will improve incident response readiness.


Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2024-10-21T12:17:06.071Z
CISA Enriched: true
CVSS Version: null
State: PUBLISHED

Threat ID: 682d9820c4522896dcbdceec

Added to database: 5/21/2025, 9:08:48 AM

Last enriched: 6/27/2025, 9:54:32 PM

Last updated: 7/18/2025, 7:14:20 PM
