CVE-2024-41052
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
vfio/pci: Init the count variable in collecting hot-reset devices
The count variable is used without initialization, it results in mistakes in the device counting and crashes the userspace if the get hot reset info path is triggered.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 618fbf4c910a06a3aa6a8b88a5fb1f2197f964f3 < f476dffc52ea70745dcabf63288e770e50ac9ab3 | affected |
| Linux | Linux | 9313244c26f3792daa86f3a18cc3bd5ad60310e0 < f44136b9652291ac1fc39ca67c053ac624d0d11b | affected |
| Linux | Linux | f6944d4a0b87c16bc34ae589169e1ded3d4db08e < 5a88a3f67e37e39f933b38ebb4985ba5822e9eca | affected |
| Linux | Linux | 6.6.36 < 6.6.41 | affected |
| Linux | Linux | 6.9.7 < 6.9.10 | affected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/f476dffc52ea70745dcabf63288e770e50ac9ab3
- https://git.kernel.org/stable/c/f44136b9652291ac1fc39ca67c053ac624d0d11b
- https://git.kernel.org/stable/c/5a88a3f67e37e39f933b38ebb4985ba5822e9eca
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/f476dffc52ea70745dcabf63288e770e50ac9ab3
- https://git.kernel.org/stable/c/f44136b9652291ac1fc39ca67c053ac624d0d11b
- https://git.kernel.org/stable/c/5a88a3f67e37e39f933b38ebb4985ba5822e9eca
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.