CVE-2024-41055 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: mm: prevent derefencing NULL ptr in pfn_section_valid() Commit 5ec8e8ea8b77 ("mm/sparsemem: fix race in accessing memory_section->usage") changed pfn_section_valid() to add a READ_ONCE() call around "ms->usage" to fix a race with section_deactivate() where ms->usage can be cleared. The READ_ONCE() call, by itself, is not enough to prevent NULL pointer dereference. We need to check its value before dereferencing it.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel
Redhat	Enterprise Linux Rhel E4s Rhel Eus

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
kernel-rt-0:4.18.0-553.22.1.rt7.363.el8_10	cpe:/a:redhat:enterprise_linux:8::nfv	RHSA-2024:7001	2024-09-24T00:00:00Z
kernel-0:4.18.0-553.22.1.el8_10	cpe:/o:redhat:enterprise_linux:8	RHSA-2024:7000	2024-09-24T00:00:00Z
Red Hat Enterprise Linux 9
kernel-0:5.14.0-427.35.1.el9_4	cpe:/a:redhat:enterprise_linux:9	RHSA-2024:6567	2024-09-11T00:00:00Z
kernel-0:5.14.0-427.35.1.el9_4	cpe:/o:redhat:enterprise_linux:9	RHSA-2024:6567	2024-09-11T00:00:00Z
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
kernel-0:5.14.0-70.117.1.el9_0	cpe:/a:redhat:rhel_e4s:9.0	RHSA-2024:6991	2024-09-24T00:00:00Z
kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0	cpe:/a:redhat:rhel_e4s:9.0::nfv	RHSA-2024:6990	2024-09-24T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support
kernel-0:5.14.0-284.90.1.el9_2	cpe:/a:redhat:rhel_eus:9.2	RHSA-2024:8613	2024-10-30T00:00:00Z
kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2	cpe:/a:redhat:rhel_eus:9.2::nfv	RHSA-2024:8614	2024-10-30T00:00:00Z

References

Link	Providers
https://git.kernel.org/stable/c/0100aeb8a12d51950418e685f879cc80cb8e5982
https://git.kernel.org/stable/c/797323d1cf92d09b7a017cfec576d9babf99cde7
https://git.kernel.org/stable/c/82f0b6f041fad768c28b4ad05a683065412c226e
https://git.kernel.org/stable/c/941e816185661bf2b44b488565d09444ae316509
https://git.kernel.org/stable/c/adccdf702b4ea913ded5ff512239e382d7473b63
https://git.kernel.org/stable/c/bc17f2377818dca643a74499c3f5333500c90503
https://lore.kernel.org/linux-cve-announce/2024072928-CVE-2024-41055-5764@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-41055
https://www.cve.org/CVERecord?id=CVE-2024-41055

History

Wed, 30 Oct 2024 15:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhel Eus
CPEs		cpe:/a:redhat:rhel_eus:9.2 cpe:/a:redhat:rhel_eus:9.2::nfv
Vendors & Products		Redhat rhel Eus

Tue, 24 Sep 2024 11:00:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/o:redhat:enterprise_linux:8

Tue, 24 Sep 2024 06:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhel E4s
CPEs		cpe:/a:redhat:enterprise_linux:8::nfv cpe:/a:redhat:rhel_e4s:9.0 cpe:/a:redhat:rhel_e4s:9.0::nfv
Vendors & Products		Redhat rhel E4s

Wed, 11 Sep 2024 18:30:00 +0000

Type	Values Removed	Values Added
Metrics	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 11 Sep 2024 13:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 11 Sep 2024 10:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat Redhat enterprise Linux
CPEs		cpe:/a:redhat:enterprise_linux:9 cpe:/o:redhat:enterprise_linux:9
Vendors & Products		Redhat Redhat enterprise Linux

Thu, 22 Aug 2024 14:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Weaknesses		CWE-476
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-07-29T14:32:10.672Z

Updated: 2025-05-04T12:57:33.295Z

Reserved: 2024-07-12T12:17:45.627Z

Link: CVE-2024-41055

Vulnrichment

Updated: 2024-08-02T04:46:52.647Z

NVD

Status : Modified

Published: 2024-07-29T15:15:13.620

Modified: 2024-11-21T09:32:09.107

Link: CVE-2024-41055

Redhat

Severity : Moderate

Publid Date: 2024-07-29T00:00:00Z

Links: CVE-2024-41055 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-41055", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-07-12T12:17:45.627Z", "datePublished": "2024-07-29T14:32:10.672Z", "dateUpdated": "2025-05-04T12:57:33.295Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T12:57:33.295Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: prevent derefencing NULL ptr in pfn_section_valid()\n\nCommit 5ec8e8ea8b77 (\"mm/sparsemem: fix race in accessing\nmemory_section->usage\") changed pfn_section_valid() to add a READ_ONCE()\ncall around \"ms->usage\" to fix a race with section_deactivate() where\nms->usage can be cleared. The READ_ONCE() call, by itself, is not enough\nto prevent NULL pointer dereference. We need to check its value before\ndereferencing it."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["include/linux/mmzone.h"], "versions": [{"version": "90ad17575d26874287271127d43ef3c2af876cea", "lessThan": "0100aeb8a12d51950418e685f879cc80cb8e5982", "status": "affected", "versionType": "git"}, {"version": "b448de2459b6d62a53892487ab18b7d823ff0529", "lessThan": "bc17f2377818dca643a74499c3f5333500c90503", "status": "affected", "versionType": "git"}, {"version": "68ed9e33324021e9d6b798e9db00ca3093d2012a", "lessThan": "941e816185661bf2b44b488565d09444ae316509", "status": "affected", "versionType": "git"}, {"version": "70064241f2229f7ba7b9599a98f68d9142e81a97", "lessThan": "797323d1cf92d09b7a017cfec576d9babf99cde7", "status": "affected", "versionType": "git"}, {"version": "5ec8e8ea8b7783fab150cf86404fc38cb4db8800", "lessThan": "adccdf702b4ea913ded5ff512239e382d7473b63", "status": "affected", "versionType": "git"}, {"version": "5ec8e8ea8b7783fab150cf86404fc38cb4db8800", "lessThan": "82f0b6f041fad768c28b4ad05a683065412c226e", "status": "affected", "versionType": "git"}, {"version": "3a01daace71b521563c38bbbf874e14c3e58adb7", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["include/linux/mmzone.h"], "versions": [{"version": "6.8", "status": "affected"}, {"version": "0", "lessThan": "6.8", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.222", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.163", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.100", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.41", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9.10", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10.210", "versionEndExcluding": "5.10.222"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15.149", "versionEndExcluding": "5.15.163"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1.76", "versionEndExcluding": "6.1.100"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.6.15", "versionEndExcluding": "6.6.41"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.9.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.7.3"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/0100aeb8a12d51950418e685f879cc80cb8e5982"}, {"url": "https://git.kernel.org/stable/c/bc17f2377818dca643a74499c3f5333500c90503"}, {"url": "https://git.kernel.org/stable/c/941e816185661bf2b44b488565d09444ae316509"}, {"url": "https://git.kernel.org/stable/c/797323d1cf92d09b7a017cfec576d9babf99cde7"}, {"url": "https://git.kernel.org/stable/c/adccdf702b4ea913ded5ff512239e382d7473b63"}, {"url": "https://git.kernel.org/stable/c/82f0b6f041fad768c28b4ad05a683065412c226e"}], "title": "mm: prevent derefencing NULL ptr in pfn_section_valid()", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:46:52.647Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/0100aeb8a12d51950418e685f879cc80cb8e5982", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/bc17f2377818dca643a74499c3f5333500c90503", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/941e816185661bf2b44b488565d09444ae316509", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/797323d1cf92d09b7a017cfec576d9babf99cde7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/adccdf702b4ea913ded5ff512239e382d7473b63", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/82f0b6f041fad768c28b4ad05a683065412c226e", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-41055", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:22:28.194623Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:01.312Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/0100aeb8a12d51950418e685f879cc80cb8e5982", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/bc17f2377818dca643a74499c3f5333500c90503", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/941e816185661bf2b44b488565d09444ae316509", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/797323d1cf92d09b7a017cfec576d9babf99cde7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/adccdf702b4ea913ded5ff512239e382d7473b63", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/82f0b6f041fad768c28b4ad05a683065412c226e", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:46:52.647Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-41055", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:22:28.194623Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:14.094Z"}}], "cna": {"title": "mm: prevent derefencing NULL ptr in pfn_section_valid()", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "90ad17575d26", "lessThan": "0100aeb8a12d", "versionType": "git"}, {"status": "affected", "version": "b448de2459b6", "lessThan": "bc17f2377818", "versionType": "git"}, {"status": "affected", "version": "68ed9e333240", "lessThan": "941e81618566", "versionType": "git"}, {"status": "affected", "version": "70064241f222", "lessThan": "797323d1cf92", "versionType": "git"}, {"status": "affected", "version": "5ec8e8ea8b77", "lessThan": "adccdf702b4e", "versionType": "git"}, {"status": "affected", "version": "5ec8e8ea8b77", "lessThan": "82f0b6f041fa", "versionType": "git"}], "programFiles": ["include/linux/mmzone.h"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.8"}, {"status": "unaffected", "version": "0", "lessThan": "6.8", "versionType": "custom"}, {"status": "unaffected", "version": "5.10.222", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.163", "versionType": "custom", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.100", "versionType": "custom", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.41", "versionType": "custom", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.9.10", "versionType": "custom", "lessThanOrEqual": "6.9.*"}, {"status": "unaffected", "version": "6.10", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["include/linux/mmzone.h"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/0100aeb8a12d51950418e685f879cc80cb8e5982"}, {"url": "https://git.kernel.org/stable/c/bc17f2377818dca643a74499c3f5333500c90503"}, {"url": "https://git.kernel.org/stable/c/941e816185661bf2b44b488565d09444ae316509"}, {"url": "https://git.kernel.org/stable/c/797323d1cf92d09b7a017cfec576d9babf99cde7"}, {"url": "https://git.kernel.org/stable/c/adccdf702b4ea913ded5ff512239e382d7473b63"}, {"url": "https://git.kernel.org/stable/c/82f0b6f041fad768c28b4ad05a683065412c226e"}], "x_generator": {"engine": "bippy-c9c4e1df01b2"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: prevent derefencing NULL ptr in pfn_section_valid()\n\nCommit 5ec8e8ea8b77 (\"mm/sparsemem: fix race in accessing\nmemory_section->usage\") changed pfn_section_valid() to add a READ_ONCE()\ncall around \"ms->usage\" to fix a race with section_deactivate() where\nms->usage can be cleared. The READ_ONCE() call, by itself, is not enough\nto prevent NULL pointer dereference. We need to check its value before\ndereferencing it."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-07-29T14:32:10.672Z"}}}, "cveMetadata": {"cveId": "CVE-2024-41055", "state": "PUBLISHED", "dateUpdated": "2024-09-11T17:33:01.312Z", "dateReserved": "2024-07-12T12:17:45.627Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-07-29T14:32:10.672Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "138634FF-1840-4C45-8CDE-6174B6F50352", "versionEndExcluding": "5.10.222", "versionStartIncluding": "5.10.219", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0720413E-F29A-4C0A-9B57-5158A778C4A2", "versionEndExcluding": "5.15.163", "versionStartIncluding": "5.15.149", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6BFB68AD-DB7E-4C4C-B598-274D83D12C4B", "versionEndExcluding": "6.1.100", "versionStartIncluding": "6.1.76", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9D8E9231-015C-48A6-BBDD-9DCEA3145858", "versionEndExcluding": "6.6.41", "versionStartIncluding": "6.6.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6FAC1A24-181A-4DB7-801D-4BDF1B4E4116", "versionEndExcluding": "6.9.10", "versionStartIncluding": "6.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: prevent derefencing NULL ptr in pfn_section_valid()\n\nCommit 5ec8e8ea8b77 (\"mm/sparsemem: fix race in accessing\nmemory_section->usage\") changed pfn_section_valid() to add a READ_ONCE()\ncall around \"ms->usage\" to fix a race with section_deactivate() where\nms->usage can be cleared. The READ_ONCE() call, by itself, is not enough\nto prevent NULL pointer dereference. We need to check its value before\ndereferencing it."}, {"lang": "es", "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm: evita la eliminaci\u00f3n de la referencia NULL ptr en pfn_section_valid() La confirmaci\u00f3n 5ec8e8ea8b77 (\"mm/sparsemem: corrige la ejecuci\u00f3n al acceder a la secci\u00f3n_memoria->uso\") cambi\u00f3 pfn_section_valid() para agregar un READ_ONCE() llame a \"ms->usage\" para arreglar una ejecuci\u00f3n con section_deactivate() donde se puede borrar ms->usage. La llamada READ_ONCE(), por s\u00ed sola, no es suficiente para evitar la desreferencia al puntero NULL. Necesitamos comprobar su valor antes de desreferenciarlo."}], "id": "CVE-2024-41055", "lastModified": "2024-11-21T09:32:09.107", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-29T15:15:13.620", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/0100aeb8a12d51950418e685f879cc80cb8e5982"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/797323d1cf92d09b7a017cfec576d9babf99cde7"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/82f0b6f041fad768c28b4ad05a683065412c226e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/941e816185661bf2b44b488565d09444ae316509"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/adccdf702b4ea913ded5ff512239e382d7473b63"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/bc17f2377818dca643a74499c3f5333500c90503"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/0100aeb8a12d51950418e685f879cc80cb8e5982"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/797323d1cf92d09b7a017cfec576d9babf99cde7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/82f0b6f041fad768c28b4ad05a683065412c226e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/941e816185661bf2b44b488565d09444ae316509"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/adccdf702b4ea913ded5ff512239e382d7473b63"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/bc17f2377818dca643a74499c3f5333500c90503"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:7001", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-553.22.1.rt7.363.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-09-24T00:00:00Z"}, {"advisory": "RHSA-2024:7000", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-553.22.1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-09-24T00:00:00Z"}, {"advisory": "RHSA-2024:6567", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-427.35.1.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-09-11T00:00:00Z"}, {"advisory": "RHSA-2024:6567", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-427.35.1.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-09-11T00:00:00Z"}, {"advisory": "RHSA-2024:6991", "cpe": "cpe:/a:redhat:rhel_e4s:9.0", "package": "kernel-0:5.14.0-70.117.1.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2024-09-24T00:00:00Z"}, {"advisory": "RHSA-2024:6990", "cpe": "cpe:/a:redhat:rhel_e4s:9.0::nfv", "package": "kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2024-09-24T00:00:00Z"}, {"advisory": "RHSA-2024:8613", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "kernel-0:5.14.0-284.90.1.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8614", "cpe": "cpe:/a:redhat:rhel_eus:9.2::nfv", "package": "kernel-rt-0:5.14.0-284.90.1.rt14.375.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-10-30T00:00:00Z"}], "bugzilla": {"description": "kernel: mm: prevent derefencing NULL ptr in pfn_section_valid()", "id": "2300429", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300429"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-476", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nmm: prevent derefencing NULL ptr in pfn_section_valid()\nCommit 5ec8e8ea8b77 (\"mm/sparsemem: fix race in accessing\nmemory_section->usage\") changed pfn_section_valid() to add a READ_ONCE()\ncall around \"ms->usage\" to fix a race with section_deactivate() where\nms->usage can be cleared. The READ_ONCE() call, by itself, is not enough\nto prevent NULL pointer dereference. We need to check its value before\ndereferencing it."], "name": "CVE-2024-41055", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-07-29T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-41055\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-41055\nhttps://lore.kernel.org/linux-cve-announce/2024072928-CVE-2024-41055-5764@gregkh/T"], "statement": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-476: NULL Pointer Dereference vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\nThe platform incorporates secure engineering principles and controls to enforce secure coding practices, including proper memory handling and error checking, reducing the likelihood of null pointer dereference vulnerabilities. Coding standards, tools, and processes support early detection and prevention of memory-related flaws. Static code analysis identifies null dereference and related issues during development, while system monitoring detects memory errors and anomalous behavior in the event of exploitation. Additionally, the platform leverages memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) to strengthen resilience against memory-related vulnerabilities.", "threat_severity": "Moderate"}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object