CVE-2024-41085

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-41085
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-41085.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-41085
Related
Published
2024-07-29T16:15:03Z
Modified
2024-09-18T03:23:09.211381Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

cxl/mem: Fix no cxl_nvd during pmem region auto-assembling

When CXL subsystem is auto-assembling a pmem region during cxl endpoint port probing, always hit below calltrace.

BUG: kernel NULL pointer dereference, address: 0000000000000078 #PF: supervisor read access in kernel mode #PF: errorcode(0x0000) - not-present page RIP: 0010:cxlpmemregionprobe+0x22e/0x360 [cxlpmem] Call Trace: <TASK> ? die+0x24/0x70 ? pagefaultoops+0x82/0x160 ? douseraddrfault+0x65/0x6b0 ? excpagefault+0x7d/0x170 ? asmexcpagefault+0x26/0x30 ? cxlpmemregionprobe+0x22e/0x360 [cxlpmem] ? cxlpmemregionprobe+0x1ac/0x360 [cxlpmem] cxlbusprobe+0x1b/0x60 [cxlcore] reallyprobe+0x173/0x410 ? _pfxdeviceattachdriver+0x10/0x10 _driverprobedevice+0x80/0x170 driverprobedevice+0x1e/0x90 _deviceattachdriver+0x90/0x120 busforeachdrv+0x84/0xe0 _deviceattach+0xbc/0x1f0 busprobedevice+0x90/0xa0 deviceadd+0x51c/0x710 devmcxladdpmemregion+0x1b5/0x380 [cxlcore] cxlbusprobe+0x1b/0x60 [cxl_core]

The cxlnvd of the memdev needs to be available during the pmem region probe. Currently the cxlnvd is registered after the endpoint port probe. The endpoint probe, in the case of autoassembly of regions, can cause a pmem region probe requiring the not yet available cxl_nvd. Adjust the sequence so this dependency is met.

This requires adding a port parameter to cxlfindnvdimm_bridge() that can be used to query the ancestor root port. The endpoint port is not yet available, but will share a common ancestor with its parent, so start the query from there instead.

References

Affected packages

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.9.8-1

Affected versions

6.*

6.1.27-1
6.1.37-1
6.1.38-1
6.1.38-2~bpo11+1
6.1.38-2
6.1.38-3
6.1.38-4~bpo11+1
6.1.38-4
6.1.52-1
6.1.55-1~bpo11+1
6.1.55-1
6.1.64-1
6.1.66-1
6.1.67-1
6.1.69-1~bpo11+1
6.1.69-1
6.1.76-1~bpo11+1
6.1.76-1
6.1.82-1
6.1.85-1
6.1.90-1~bpo11+1
6.1.90-1
6.1.94-1~bpo11+1
6.1.94-1
6.1.98-1
6.1.99-1
6.1.106-1
6.1.106-2
6.1.106-3
6.3.1-1~exp1
6.3.2-1~exp1
6.3.4-1~exp1
6.3.5-1~exp1
6.3.7-1~bpo12+1
6.3.7-1
6.3.11-1
6.4~rc6-1~exp1
6.4~rc7-1~exp1
6.4.1-1~exp1
6.4.4-1~bpo12+1
6.4.4-1
6.4.4-2
6.4.4-3~bpo12+1
6.4.4-3
6.4.11-1
6.4.13-1
6.5~rc4-1~exp1
6.5~rc6-1~exp1
6.5~rc7-1~exp1
6.5.1-1~exp1
6.5.3-1~bpo12+1
6.5.3-1
6.5.6-1
6.5.8-1
6.5.10-1~bpo12+1
6.5.10-1
6.5.13-1
6.6.3-1~exp1
6.6.4-1~exp1
6.6.7-1~exp1
6.6.8-1
6.6.9-1
6.6.11-1
6.6.13-1~bpo12+1
6.6.13-1
6.6.15-1
6.6.15-2
6.7-1~exp1
6.7.1-1~exp1
6.7.4-1~exp1
6.7.7-1
6.7.9-1
6.7.9-2
6.7.12-1~bpo12+1
6.7.12-1
6.8.9-1
6.8.11-1
6.8.12-1~bpo12+1
6.8.12-1
6.9.2-1~exp1
6.9.7-1~bpo12+1
6.9.7-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}