CVE-2024-50122

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A race condition exists between the pwrctl platform device rescanning the bus and host controller probe functions when adding PCI power control code. This can lead to an undefined state with two incompletely added devices, resulting in a crash when trying to remove the device over sysfs, causing a kernel NULL pointer dereference. The issue is related to the pci remove resource files and pci remove sysfs dev files functions, and the kernfs find ns and kernfs remove by name ns functions are also involved in the call trace.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.