
CVE-2024-41085: Vulnerability in Linux Linux

High
Published: Mon Jul 29 2024 (07/29/2024, 15:48:01 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

cxl/mem: Fix no cxl_nvd during pmem region auto-assembling

When CXL subsystem is auto-assembling a pmem region during cxl endpoint port probing, always hit below calltrace.

    BUG: kernel NULL pointer dereference, address: 0000000000000078
    #PF: supervisor read access in kernel mode
    #PF: error_code(0x0000) - not-present page
    RIP: 0010:cxl_pmem_region_probe+0x22e/0x360 [cxl_pmem]
    Call Trace:
     <TASK>
     ? __die+0x24/0x70
     ? page_fault_oops+0x82/0x160
     ? do_user_addr_fault+0x65/0x6b0
     ? exc_page_fault+0x7d/0x170
     ? asm_exc_page_fault+0x26/0x30
     ? cxl_pmem_region_probe+0x22e/0x360 [cxl_pmem]
     ? cxl_pmem_region_probe+0x1ac/0x360 [cxl_pmem]
     cxl_bus_probe+0x1b/0x60 [cxl_core]
     really_probe+0x173/0x410
     ? __pfx___device_attach_driver+0x10/0x10
     __driver_probe_device+0x80/0x170
     driver_probe_device+0x1e/0x90
     __device_attach_driver+0x90/0x120
     bus_for_each_drv+0x84/0xe0
     __device_attach+0xbc/0x1f0
     bus_probe_device+0x90/0xa0
     device_add+0x51c/0x710
     devm_cxl_add_pmem_region+0x1b5/0x380 [cxl_core]
     cxl_bus_probe+0x1b/0x60 [cxl_core]

The cxl_nvd of the memdev needs to be available during the pmem region probe. Currently the cxl_nvd is registered after the endpoint port probe. The endpoint probe, in the case of autoassembly of regions, can cause a pmem region probe requiring the not yet available cxl_nvd. Adjust the sequence so this dependency is met.

This requires adding a port parameter to cxl_find_nvdimm_bridge() that can be used to query the ancestor root port. The endpoint port is not yet available, but will share a common ancestor with its parent, so start the query from there instead.

AI-Powered Analysis

Last updated: 06/29/2025, 04:26:09 UTC

Technical Analysis

CVE-2024-41085 is a vulnerability identified in the Linux kernel's CXL (Compute Express Link) subsystem, specifically related to the handling of persistent memory (pmem) regions during the auto-assembly process. The issue arises when the kernel attempts to probe a pmem region on a CXL endpoint port. During this process, a NULL pointer dereference occurs because the cxl_nvd (CXL Non-Volatile DIMM device) is not yet registered or available at the time the pmem region probe is performed. This leads to a kernel panic or BUG due to a NULL pointer dereference at address 0x78, causing a supervisor read access fault in kernel mode.

The root cause is a sequencing problem: the cxl_nvd registration happens after the endpoint port probe, but the endpoint port probe triggers the pmem region probe that requires the cxl_nvd to be present. The fix involves adjusting the probe sequence to ensure that the cxl_nvd is available before the pmem region probe is executed. This is achieved by modifying the cxl_find_nvdimm_bridge() function to accept a port parameter that allows querying the ancestor root port, which is accessible even though the endpoint port itself is not yet available. This change ensures the dependency on cxl_nvd is met, preventing the NULL pointer dereference and subsequent kernel crash.

The vulnerability affects Linux kernel versions identified by the commit hash f17b558d6663101f876a1d9cbbad3de0c8f4ce4d and is publicly disclosed as of July 29, 2024. No known exploits are reported in the wild at this time, and no CVSS score has been assigned.

Potential Impact

For European organizations, this vulnerability poses a risk primarily to systems running Linux kernels with CXL support and utilizing persistent memory devices. The impact includes potential denial of service (DoS) due to kernel crashes triggered by the NULL pointer dereference during device probing. This can lead to system instability, unexpected reboots, and potential data loss if pmem regions are involved in critical storage or caching operations. Organizations relying on high-availability Linux servers with CXL-connected persistent memory could experience service interruptions. While there is no indication of privilege escalation or remote code execution, the DoS impact on critical infrastructure, data centers, and cloud providers in Europe could be significant, especially in sectors like finance, telecommunications, and research institutions that deploy advanced memory technologies. The absence of known exploits reduces immediate risk, but the vulnerability's presence in the kernel means that any unpatched system could be vulnerable to accidental or malicious triggering of the kernel panic.

Mitigation Recommendations

European organizations should prioritize updating their Linux kernel to the fixed version that addresses CVE-2024-41085 as soon as patches become available from their Linux distribution vendors. Until patches are applied, administrators should consider disabling or avoiding the use of CXL persistent memory features if feasible, to prevent triggering the vulnerable code path. Monitoring kernel logs for signs of cxl_pmem_region_probe failures or kernel oops messages can help detect attempts to exploit or accidentally trigger the vulnerability. For environments where patching is delayed, implementing kernel crash dump analysis and automated system recovery mechanisms can reduce downtime impact. Additionally, organizations should review their hardware inventory to identify systems using CXL-connected persistent memory and prioritize those for patching. Coordination with hardware vendors for firmware updates or configuration guidance related to CXL devices may also be beneficial. Finally, maintaining robust backup and disaster recovery plans will mitigate data loss risks associated with unexpected system crashes.
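
The kernel log monitoring recommended above can be automated. The following Python script is an added example, not part of the original advisory: it splits kernel log text into NULL-dereference reports and flags those whose faulting function is cxl_pmem_region_probe in the cxl_pmem module, as in the trace in the description. The sample log is constructed, and the names parse_oopses, matches_cve_2024_41085 and scan are illustrative.

```python
import re

# Constructed sample: kernel log excerpt modelled on the trace in the CVE description.
SAMPLE_LOG = """\
[   12.101] cxl_pci 0000:38:00.0: enabling device
[   12.345] BUG: kernel NULL pointer dereference, address: 0000000000000078
[   12.345] #PF: supervisor read access in kernel mode
[   12.345] #PF: error_code(0x0000) - not-present page
[   12.346] RIP: 0010:cxl_pmem_region_probe+0x22e/0x360 [cxl_pmem]
[   12.346] Call Trace:
[   12.346]  <TASK>
[   12.346]  cxl_bus_probe+0x1b/0x60 [cxl_core]
[   12.346]  devm_cxl_add_pmem_region+0x1b5/0x380 [cxl_core]
[   50.000] BUG: kernel NULL pointer dereference, address: 0000000000000010
[   50.001] RIP: 0010:some_other_driver_probe+0x10/0x80 [other_mod]
"""

BUG_RE = re.compile(r"BUG: kernel NULL pointer dereference, address: ([0-9a-f]+)")
RIP_RE = re.compile(r"RIP: [0-9a-f]{4}:(\w+)\+0x[0-9a-f]+/0x[0-9a-f]+(?: \[(\w+)\])?")
FRAME_RE = re.compile(r"(?:\? )?(\w+)\+0x[0-9a-f]+/0x[0-9a-f]+(?: \[(\w+)\])?\s*$")

def parse_oopses(text):
    """Split a kernel log into NULL-dereference reports with RIP and call frames."""
    reports, cur = [], None
    for line in text.splitlines():
        if m := BUG_RE.search(line):
            cur = {"address": int(m.group(1), 16), "rip": None, "module": None, "frames": []}
            reports.append(cur)
        elif cur is None:
            continue  # ignore everything before the first BUG line
        elif m := RIP_RE.search(line):
            if cur["rip"] is None:  # an oops can print RIP twice; keep the first
                cur["rip"], cur["module"] = m.group(1), m.group(2)
        elif m := FRAME_RE.search(line):
            cur["frames"].append(m.group(1))
    return reports

def matches_cve_2024_41085(report):
    """True when the faulting function is the pmem region probe in cxl_pmem."""
    return report["rip"] == "cxl_pmem_region_probe" and report["module"] == "cxl_pmem"

def scan(text):
    """Return only the reports that match the CVE-2024-41085 crash signature."""
    return [r for r in parse_oopses(text) if matches_cve_2024_41085(r)]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(f"cxl_pmem_region_probe NULL deref at {hit['address']:#x}, via {hit['frames']}")
```

The match is on the faulting symbol and module rather than on the fault address or offsets, since those vary between kernel builds.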


Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2024-07-12T12:17:45.634Z
CISA Enriched: true
CVSS Version: null
State: PUBLISHED

Threat ID: 682d9827c4522896dcbe185f

Added to database: 5/21/2025, 9:08:55 AM

Last enriched: 6/29/2025, 4:26:09 AM

Last updated: 8/16/2025, 2:33:56 AM
