Linux · Linux Kernel · CVE-2025-39903
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 6.17.0-rc1-00001-gabb4b3daf18c-dirty
**Description**
The Linux kernel contained a flaw where memory-only nodes (nodes without CPUs) were not properly initialized. This resulted in a kernel panic during boot when the system attempted to access uninitialized memory nodes via the `free_area_init()` function, leading to a NULL pointer dereference. The issue stemmed from the `of_numa_parse_cpu_nodes` function updating `numa_nodes_parsed` only for nodes containing CPUs, while memory-only nodes should have been updated in `of_numa_parse_memory_nodes`. The vulnerability can be reproduced on ARM64 QEMU with 1 CPU and 2 memory nodes. The functions involved are `of_numa_init`, `of_numa_parse_cpu_nodes`, and `of_numa_parse_memory_nodes`.
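The following user-space model is an added example, not kernel code and not taken from the fix. It reproduces the logic described above for the 1-CPU, 2-memory-node topology. All `model_` names are hypothetical, and it assumes per-node data is set up only for nodes present in the parsed mask.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define MAX_NODES 4

/* Constructed topology from the description: 1 CPU, 2 memory nodes. */
struct model_dt_cpu { int nid; };
struct model_dt_mem { int nid; unsigned long pages; };
static const struct model_dt_cpu cpus[] = { { 0 } };
static const struct model_dt_mem mems[] = { { 0, 1024 }, { 1, 1024 } };

struct model_pgdat { unsigned long present_pages; };
static struct model_pgdat pgdat_pool[MAX_NODES];
static struct model_pgdat *node_data[MAX_NODES]; /* stands in for NODE_DATA() */

/* Returns the parsed-node bitmask (stands in for numa_nodes_parsed). */
unsigned model_parse(bool memory_parser_sets_mask)
{
    unsigned parsed = 0;
    for (size_t i = 0; i < sizeof(cpus) / sizeof(cpus[0]); i++)
        parsed |= 1u << cpus[i].nid;          /* CPU parser: CPU nodes only */
    if (memory_parser_sets_mask)
        for (size_t i = 0; i < sizeof(mems) / sizeof(mems[0]); i++)
            parsed |= 1u << mems[i].nid;      /* corrected: memory nodes too */
    return parsed;
}

/* Sets up per-node data for parsed nodes, then walks every node that has
 * memory. Returns the first node whose data is NULL, or -1 if none is. */
int model_free_area_init(unsigned parsed)
{
    for (int nid = 0; nid < MAX_NODES; nid++)
        node_data[nid] = (parsed & (1u << nid)) ? &pgdat_pool[nid] : NULL;
    for (size_t i = 0; i < sizeof(mems) / sizeof(mems[0]); i++) {
        if (!node_data[mems[i].nid])
            return mems[i].nid;   /* the kernel would dereference NULL here */
        node_data[mems[i].nid]->present_pages += mems[i].pages;
    }
    return -1;
}

int main(void)
{
    printf("before fix: uninitialized node = %d\n",
           model_free_area_init(model_parse(false)));
    printf("after fix:  uninitialized node = %d\n",
           model_free_area_init(model_parse(true)));
    return 0;
}
```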
**Recommendations**
Update to a version newer than 6.17.0-rc1-00001-gabb4b3daf18c-dirty.