{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-41055","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-07-12T12:17:45.627Z","datePublished":"2024-07-29T14:32:10.672Z","dateUpdated":"2025-11-03T21:59:54.292Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T12:57:33.295Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nmm: prevent derefencing NULL ptr in pfn_section_valid()\n\nCommit 5ec8e8ea8b77 (\"mm/sparsemem: fix race in accessing\nmemory_section->usage\") changed pfn_section_valid() to add a READ_ONCE()\ncall around \"ms->usage\" to fix a race with section_deactivate() where\nms->usage can be cleared.  The READ_ONCE() call, by itself, is not enough\nto prevent NULL pointer dereference.  We need to check its value before\ndereferencing it."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["include/linux/mmzone.h"],"versions":[{"version":"90ad17575d26874287271127d43ef3c2af876cea","lessThan":"0100aeb8a12d51950418e685f879cc80cb8e5982","status":"affected","versionType":"git"},{"version":"b448de2459b6d62a53892487ab18b7d823ff0529","lessThan":"bc17f2377818dca643a74499c3f5333500c90503","status":"affected","versionType":"git"},{"version":"68ed9e33324021e9d6b798e9db00ca3093d2012a","lessThan":"941e816185661bf2b44b488565d09444ae316509","status":"affected","versionType":"git"},{"version":"70064241f2229f7ba7b9599a98f68d9142e81a97","lessThan":"797323d1cf92d09b7a017cfec576d9babf99cde7","status":"affected","versionType":"git"},{"version":"5ec8e8ea8b7783fab150cf86404fc38cb4db8800","lessThan":"adccdf702b4ea913ded5ff512239e382d7473b63","status":"affected","versionType":"git"},{"version":"5ec8e8ea8b7783fab150cf86404fc38cb4db8800","lessThan":"82f0b6f041fad768c28b4ad05a683065412c226e","status":"affected","versionType":"git"},{"version":"3a01daace71b521563c38bbbf874e14c3e58adb7","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["include/linux/mmzone.h"],"versions":[{"version":"6.8","status":"affected"},{"version":"0","lessThan":"6.8","status":"unaffected","versionType":"semver"},{"version":"5.10.222","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.163","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.100","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.41","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.9.10","lessThanOrEqual":"6.9.*","status":"unaffected","versionType":"semver"},{"version":"6.10","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10.210","versionEndExcluding":"5.10.222"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15.149","versionEndExcluding":"5.15.163"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.76","versionEndExcluding":"6.1.100"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6.15","versionEndExcluding":"6.6.41"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.8","versionEndExcluding":"6.9.10"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.8","versionEndExcluding":"6.10"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7.3"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0100aeb8a12d51950418e685f879cc80cb8e5982"},{"url":"https://git.kernel.org/stable/c/bc17f2377818dca643a74499c3f5333500c90503"},{"url":"https://git.kernel.org/stable/c/941e816185661bf2b44b488565d09444ae316509"},{"url":"https://git.kernel.org/stable/c/797323d1cf92d09b7a017cfec576d9babf99cde7"},{"url":"https://git.kernel.org/stable/c/adccdf702b4ea913ded5ff512239e382d7473b63"},{"url":"https://git.kernel.org/stable/c/82f0b6f041fad768c28b4ad05a683065412c226e"}],"title":"mm: prevent derefencing NULL ptr in pfn_section_valid()","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/0100aeb8a12d51950418e685f879cc80cb8e5982","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/bc17f2377818dca643a74499c3f5333500c90503","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/941e816185661bf2b44b488565d09444ae316509","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/797323d1cf92d09b7a017cfec576d9babf99cde7","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/adccdf702b4ea913ded5ff512239e382d7473b63","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/82f0b6f041fad768c28b4ad05a683065412c226e","tags":["x_transferred"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T21:59:54.292Z"}},{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-41055","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-09-10T16:22:28.194623Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-09-11T17:33:01.312Z"}}]}}