{"id":"AZL-62848","summary":"CVE-2024-41008 affecting package kernel 6.6.126.1-1","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: change vm-\u003etask_info handling\n\nThis patch changes the handling and lifecycle of vm-\u003etask_info object.\nThe major changes are:\n- vm-\u003etask_info is a dynamically allocated ptr now, and its uasge is\n  reference counted.\n- introducing two new helper funcs for task_info lifecycle management\n    - amdgpu_vm_get_task_info: reference counts up task_info before\n      returning this info\n    - amdgpu_vm_put_task_info: reference counts down task_info\n- last put to task_info() frees task_info from the vm.\n\nThis patch also does logistical changes required for existing usage\nof vm-\u003etask_info.\n\nV2: Do not block all the prints when task_info not found (Felix)\n\nV3: Fixed review comments from Felix\n   - Fix wrong indentation\n   - No debug message for -ENOMEM\n   - Add NULL check for task_info\n   - Do not duplicate the debug messages (ti vs no ti)\n   - Get first reference of task_info in vm_init(), put last\n     in vm_fini()\n\nV4: Fixed review comments from Felix\n   - fix double reference increment in create_task_info\n   - change amdgpu_vm_get_task_info_pasid\n   - additional changes in amdgpu_gem.c while porting","modified":"2026-04-01T05:20:08.922338Z","published":"2024-07-16T08:15:02Z","upstream":["CVE-2024-41008"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-41008"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"6.6.126.1-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-62848.json"}}],"schema_version":"1.7.5"}