CVE-2024-41052

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-41052

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-41052.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-41052

Downstream

DEBIAN-CVE-2024-41052

OESA-2024-2124

UBUNTU-CVE-2024-41052

USN-7089-1

USN-7089-2

USN-7089-3

USN-7089-4

USN-7089-5

USN-7089-6

USN-7089-7

USN-7090-1

USN-7095-1

USN-7156-1

Related

Published

2024-07-29T14:32:08Z

Modified

2025-10-17T09:00:49.430788Z

Summary

vfio/pci: Init the count variable in collecting hot-reset devices

Details

In the Linux kernel, the following vulnerability has been resolved:

vfio/pci: Init the count variable in collecting hot-reset devices

The count variable is used without initialization, it results in mistakes in the device counting and crashes the userspace if the get hot reset info path is triggered.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

618fbf4c910a06a3aa6a8b88a5fb1f2197f964f3

Fixed

f476dffc52ea70745dcabf63288e770e50ac9ab3

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

9313244c26f3792daa86f3a18cc3bd5ad60310e0

Fixed

f44136b9652291ac1fc39ca67c053ac624d0d11b

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

f6944d4a0b87c16bc34ae589169e1ded3d4db08e

Fixed

5a88a3f67e37e39f933b38ebb4985ba5822e9eca

Affected versions

v6.*

v6.10-rc1

v6.10-rc2

v6.10-rc3

v6.10-rc4

v6.10-rc5

v6.10-rc6

v6.10-rc7

v6.6.36

v6.6.37

v6.6.38

v6.6.39

v6.6.40

v6.9

v6.9-rc6

v6.9-rc7

v6.9.7

v6.9.8

v6.9.9

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

6.6.36

Fixed

6.6.41

Type: ECOSYSTEM
Events: Introduced

6.9.7

Fixed

6.9.10