PatchSiren

CVE-2024-26820 Linux CVE debrief

CVE-2024-26820 affects the Linux kernel’s hv_netvsc driver and can cause virtual function registration to be missed when the driver is unloaded and reloaded. The result is a networking disruption issue rather than a confidentiality or integrity flaw. NVD rates it as a medium-severity local problem with high availability impact.

Vendor: Linux
Product: CVE-2024-26820
CVSS: MEDIUM 5.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-04-17
Original CVE updated: 2026-05-12
Advisory published: 2024-04-17
Advisory updated: 2026-05-12

Who should care

Kernel maintainers, Linux distribution security teams, and operators of Linux guests using Hyper-V/hv_netvsc networking should care most, especially if they run kernels in the affected version ranges or rely on driver unload/reload workflows.

Technical summary

The issue stems from notifier timing in hv_netvsc: the driver calls register_netdevice_notifier() very early, before vmbus_driver_register(), so a NET_DEVICE_REGISTER event for a matching VF can arrive before netvsc_probe finishes. When that happens, VF registration can be missed. The fix attempts registration for each matching VF that is visible as a netdevice at the end of netvsc_probe, closing the window in which the registration event was lost.

Defensive priority

Medium. NVD assigns CVSS 5.5 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H), indicating a local issue with significant availability impact but no direct confidentiality or integrity impact. It is not marked as a Known Exploited Vulnerability in the supplied corpus.

Recommended defensive actions

  • Update to a kernel release or vendor backport that includes the hv_netvsc fix.
  • Check your distribution’s security advisories for the matching stable-backport commit that applies to your kernel stream.
  • Prioritize remediation on Linux systems running as Hyper-V guests where hv_netvsc is used and driver reloads are possible.
  • After patching, validate that VF registration and network interface behavior remain correct across driver unload/reload cycles.

Evidence notes

The supplied NVD record describes the failure mode and lists affected Linux kernel ranges, including 4.19.301-4.19.309, 5.4.263-5.4.271, 5.10.203-5.10.212, 5.15.141-5.15.151, 6.1.65-6.1.78, 6.6.4-6.6.17, and 6.7-6.7.5, plus 6.8 rc builds. NVD lists CVSS 3.1 vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H and CWE as NVD-CWE-noinfo. Multiple official kernel stable patch links are cited in the source corpus.
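For triage, the listed ranges can be checked against a kernel release string. The script below is an added example, not part of the NVD record or any vendor tooling; it assumes the range endpoints above are inclusive, that the input looks like `uname -r` output, and the function name and result labels are hypothetical. A distribution kernel that carries the fix as a backport can still report a version inside a listed range, and one that keeps a fixed base version can fall outside them, so the result is a first filter and the distribution advisory remains the authority.

```python
import re

# Upstream ranges as listed in the Evidence notes above.
# Assumption: both endpoints are inclusive.
AFFECTED_RANGES = [
    ((4, 19, 301), (4, 19, 309)),
    ((5, 4, 263), (5, 4, 271)),
    ((5, 10, 203), (5, 10, 212)),
    ((5, 15, 141), (5, 15, 151)),
    ((6, 1, 65), (6, 1, 78)),
    ((6, 6, 4), (6, 6, 17)),
    ((6, 7, 0), (6, 7, 5)),
]

# major.minor[.patch] followed by any distro or build suffix
_RELEASE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(.*)$")
_RC = re.compile(r"-rc\d+")


def classify_kernel(release):
    """Classify a `uname -r` style string against the listed ranges.

    Returns "listed", "not-listed", "rc-review" or "unparsed".
    """
    m = _RELEASE.match(release.strip())
    if not m:
        return "unparsed"
    major, minor, patch, suffix = m.groups()
    version = (int(major), int(minor), int(patch or 0))

    if _RC.search(suffix):
        # The page mentions "6.8 rc builds" without naming which ones,
        # so every 6.8 release candidate is flagged for manual review.
        # Release candidates of other series are not in the listed ranges.
        return "rc-review" if version == (6, 8, 0) else "not-listed"

    for low, high in AFFECTED_RANGES:
        if low <= version <= high:
            return "listed"
    return "not-listed"


if __name__ == "__main__":
    import platform

    running = platform.release()
    print(running, classify_kernel(running))
```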

Official resources

CVE published on 2024-04-17T10:15:08.867Z and later modified on 2026-05-12T12:16:20.677Z in the supplied NVD source. This debrief uses the CVE publication date for timeline context.