Linux · Linux Kernel · CVE-2024-41052
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 6.6.43
**Description**
The issue is related to the initialization of the count variable in collecting hot-reset devices. This variable is used without initialization, resulting in mistakes in device counting and crashes the userspace if the get hot reset info path is triggered.
**Recommendations**
To resolve the issue, update the Linux kernel to version 6.6.43 or later.
As a temporary workaround, consider disabling the vfio/pci module until a patch is available.
Restrict access to the get hot reset info path to minimize the risk of exploitation.