CVE-2024-41085: 
Linux Kernel vulnerability analysis and mitigation

A NULL pointer dereference vulnerability was discovered in the Linux kernel's CXL (Compute Express Link) subsystem, specifically in the pmem region auto-assembling functionality. The vulnerability, tracked as CVE-2024-41085, affects Linux kernel versions from 6.2 up to (excluding) 6.9.8. When the CXL subsystem attempts to auto-assemble a pmem region during cxl endpoint port probing, it encounters a NULL pointer dereference, leading to a kernel crash (NVD, Kernel Patch).

The vulnerability occurs because the cxlnvd (CXL NVDIMM device) is not available during the pmem region probe. The issue stems from a timing problem where the cxlnvd is registered after the endpoint port probe, but the endpoint probe can trigger a pmem region probe that requires the not-yet-available cxl_nvd. This results in a NULL pointer dereference at address 0x78 during supervisor read access in kernel mode. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

When exploited, this vulnerability causes a kernel crash due to the NULL pointer dereference, resulting in a denial of service condition. The impact is limited to availability, with no direct impact on confidentiality or integrity of the system (NVD).

The vulnerability has been fixed by adjusting the sequence of operations to ensure the cxlnvd dependency is met before the pmem region probe occurs. The fix involves adding a port parameter to cxlfindnvdimmbridge() that can query the ancestor root port. The patch has been merged into the Linux kernel and is available in updated kernel versions. Users should update their systems to a patched kernel version (Kernel Patch).