{"id":"AZL-57758","summary":"CVE-2024-27079 affecting package kernel 6.6.126.1-1","details":"In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix NULL domain on device release\n\nIn the kdump kernel, the IOMMU operates in deferred_attach mode. In this\nmode, info-\u003edomain may not yet be assigned by the time the release_device\nfunction is called. It leads to the following crash in the crash kernel:\n\n    BUG: kernel NULL pointer dereference, address: 000000000000003c\n    ...\n    RIP: 0010:do_raw_spin_lock+0xa/0xa0\n    ...\n    _raw_spin_lock_irqsave+0x1b/0x30\n    intel_iommu_release_device+0x96/0x170\n    iommu_deinit_device+0x39/0xf0\n    __iommu_group_remove_device+0xa0/0xd0\n    iommu_bus_notifier+0x55/0xb0\n    notifier_call_chain+0x5a/0xd0\n    blocking_notifier_call_chain+0x41/0x60\n    bus_notify+0x34/0x50\n    device_del+0x269/0x3d0\n    pci_remove_bus_device+0x77/0x100\n    p2sb_bar+0xae/0x1d0\n    ...\n    i801_probe+0x423/0x740\n\nUse the release_domain mechanism to fix it. The scalable mode context\nentry which is not part of release domain should be cleared in\nrelease_device().","modified":"2026-04-01T05:19:12.469569Z","published":"2024-05-01T13:15:51Z","upstream":["CVE-2024-27079"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-27079"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"6.6.126.1-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-57758.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}