PT-2024-21504 · Linux+1 · Linux Kernel+1

Published: 2024-04-03 · Updated: 2025-07-16 · CVE-2024-26762

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The issue arises from the PCI AER model being an awkward fit for CXL error handling. When a PCI device escalates to link reset to recover from an AER event, the same reset on CXL results in a surprise memory hotplug of massive amounts of memory. The CXL error handler attempts optimistic error handling by unbinding the device from the cxl mem driver after reaping some RAS register values, which may not always succeed. A subsequent AER notification after the memdev unbind event can no longer assume the registers are mapped, leading to potential crashes. The error handler needs to check for memdev bind before reaping status register values to avoid such crashes.
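
The ordering problem described above, as an added user-space C model (not kernel code and not taken from this advisory): the handler checks the bind state before reading the status register, so a second notification after unbind returns without touching the unmapped registers. All names (`model_memdev`, `model_error_detected`, the constructed register array) are hypothetical, and the model is single-threaded, so it does not show the serialization against unbind that a real handler also needs.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* User-space model only: every name here is hypothetical, not a kernel symbol. */
enum model_result { MODEL_DISCONNECT, MODEL_NEED_RESET };

struct model_memdev {
    int bound;                         /* 1 while the mem driver is bound */
    const volatile uint32_t *ras_regs; /* mapping is valid only while bound */
};

/* Constructed stand-in for the mapped RAS registers; index 1 = status. */
static const volatile uint32_t constructed_ras[2] = { 0x0, 0x4000 };

static void model_bind(struct model_memdev *md)
{
    md->ras_regs = constructed_ras;
    md->bound = 1;
}

static void model_unbind(struct model_memdev *md)
{
    md->bound = 0;
    md->ras_regs = NULL; /* registers are no longer mapped */
}

/* One AER notification: check bind first, then reap status, then unbind. */
static enum model_result model_error_detected(struct model_memdev *md,
                                              uint32_t *status)
{
    if (!md->bound)              /* the check the description asks for */
        return MODEL_DISCONNECT; /* nothing mapped: do not touch ras_regs */
    *status = md->ras_regs[1];
    model_unbind(md);            /* optimistic handling from the description */
    return MODEL_NEED_RESET;
}

int main(void)
{
    struct model_memdev md;
    uint32_t status = 0;
    model_bind(&md);
    int first = model_error_detected(&md, &status);
    int second = model_error_detected(&md, &status);
    printf("first=%d status=0x%x second=%d\n", first, (unsigned)status, second);
    return 0;
}
```

Without the `bound` check, the second call would dereference a NULL `ras_regs`, which is the crash class the description refers to.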

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Related Identifiers

CVE-2024-26762
SUSE-SU-2025:02254-1
SUSE-SU-2025:02307-1
SUSE-SU-2025:02333-1
SUSE-SU-2025_02254-1
SUSE-SU-2025_02307-1
SUSE-SU-2025_02333-1

Affected Products

Linux Kernel
Suse