{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T04:23:52.959","vulnerabilities":[{"cve":{"id":"CVE-2024-41084","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-07-29T16:15:03.873","lastModified":"2024-11-21T09:32:12.710","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/region: Avoid null pointer dereference in region lookup\n\ncxl_dpa_to_region() looks up a region based on a memdev and DPA.\nIt wrongly assumes an endpoint found mapping the DPA is also of\na fully assembled region. When not true it leads to a null pointer\ndereference looking up the region name.\n\nThis appears during testing of region lookup after a failure to\nassemble a BIOS defined region or if the lookup raced with the\nassembly of the BIOS defined region.\n\nFailure to clean up BIOS defined regions that fail assembly is an\nissue in itself and a fix to that problem will alleviate some of\nthe impact. It will not alleviate the race condition so let's harden\nthis path.\n\nThe behavior change is that the kernel oops due to a null pointer\ndereference is replaced with a dev_dbg() message noting that an\nendpoint was mapped.\n\nAdditional comments are added so that future users of this function\ncan more clearly understand what it provides."},{"lang":"es","value":"En el kernel de Linux, se resolvió la siguiente vulnerabilidad: cxl/region: evitar la desreferencia del puntero nulo en la búsqueda de regiones cxl_dpa_to_region() busca una región basada en memdev y DPA. Se supone erróneamente que un endpoint encontrado mapeando el DPA también pertenece a una región completamente ensamblada. Cuando no es cierto, se produce una desreferencia del puntero nulo al buscar el nombre de la región. Esto aparece durante la prueba de la búsqueda de regiones después de un error al ensamblar una región definida por el BIOS o si la búsqueda coincidió con el ensamblaje de la región definida por el BIOS. No limpiar las regiones definidas por el BIOS que fallan en el ensamblaje es un problema en sí mismo y una solución a ese problema aliviará parte del impacto. Esto no aliviará las condiciones de carrera, así que endurezcamos este camino. El cambio de comportamiento es que el kernel oops debido a una desreferencia de puntero nulo se reemplaza con un mensaje dev_dbg() que indica que se asignó un endpoint. Se agregan comentarios adicionales para que los futuros usuarios de esta función puedan comprender más claramente lo que proporciona."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4","versionEndExcluding":"6.6.37","matchCriteriaId":"99BA6BEA-A8FA-4C05-955A-F9CF38DD37DD"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.9.8","matchCriteriaId":"E95105F2-32E3-4C5F-9D18-7AEFD0E6275C"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/285f2a08841432fc3e498b1cd00cce5216cdf189","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a9e099e29e925f8b31cfe53e8a786b9796f8e453","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b8a40a6dbfb0150c1081384caa9bbe28ce5d5060","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/285f2a08841432fc3e498b1cd00cce5216cdf189","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a9e099e29e925f8b31cfe53e8a786b9796f8e453","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b8a40a6dbfb0150c1081384caa9bbe28ce5d5060","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]}]}}]}