CVE-2024-41085

CVE Details

Release Date:2024-07-29

Description


In the Linux kernel, the following vulnerability has been resolved:\ncxl/mem: Fix no cxl_nvd during pmem region auto-assembling\nWhen CXL subsystem is auto-assembling a pmem region during cxl\nendpoint port probing, always hit below calltrace.\nBUG: kernel NULL pointer dereference, address: 0000000000000078\n#PF: supervisor read access in kernel mode\n#PF: error_code(0x0000) - not-present page\nRIP: 0010:cxl_pmem_region_probe+0x22e/0x360 [cxl_pmem]\nCall Trace:\n\n? __die+0x24/0x70\n? page_fault_oops+0x82/0x160\n? do_user_addr_fault+0x65/0x6b0\n? exc_page_fault+0x7d/0x170\n? asm_exc_page_fault+0x26/0x30\n? cxl_pmem_region_probe+0x22e/0x360 [cxl_pmem]\n? cxl_pmem_region_probe+0x1ac/0x360 [cxl_pmem]\ncxl_bus_probe+0x1b/0x60 [cxl_core]\nreally_probe+0x173/0x410\n? __pfx___device_attach_driver+0x10/0x10\n__driver_probe_device+0x80/0x170\ndriver_probe_device+0x1e/0x90\n__device_attach_driver+0x90/0x120\nbus_for_each_drv+0x84/0xe0\n__device_attach+0xbc/0x1f0\nbus_probe_device+0x90/0xa0\ndevice_add+0x51c/0x710\ndevm_cxl_add_pmem_region+0x1b5/0x380 [cxl_core]\ncxl_bus_probe+0x1b/0x60 [cxl_core]\nThe cxl_nvd of the memdev needs to be available during the pmem region\nprobe. Currently the cxl_nvd is registered after the endpoint port probe.\nThe endpoint probe, in the case of autoassembly of regions, can cause a\npmem region probe requiring the not yet available cxl_nvd. Adjust the\nsequence so this dependency is met.\nThis requires adding a port parameter to cxl_find_nvdimm_bridge() that\ncan be used to query the ancestor root port. The endpoint port is not\nyet available, but will share a common ancestor with its parent, so\nstart the query from there instead.

See more information about CVE-2024-41085 from MITRE CVE dictionary and NIST NVD


CVSS Scoring


NOTE: The following CVSS v3.1 metrics and score provided are preliminary and subject to review.

Base Score: 5.5 CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Local network Attack Complexity: Low
Privileges Required: Low User Interaction: None
Scope: Unchanged Confidentiality Impact: None
Integrity Impact: None Availability Impact: High

Errata information


PlatformErrataRelease Date
Oracle Linux version 9 (kernel)ELSA-2024-93152024-11-14


This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

software.hardware.complete