CVE-2024-58011

Опубликовано: 27 фев. 2025

Источник: nvd

CVSS3: 5.5

EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved:

platform/x86: int3472: Check for adev == NULL

Not all devices have an ACPI companion fwnode, so adev might be NULL. This can e.g. (theoretically) happen when a user manually binds one of the int3472 drivers to another i2c/platform device through sysfs.

Add a check for adev not being set and return -ENODEV in that case to avoid a possible NULL pointer deref in skl_int3472_get_acpi_buffer().

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия до 6.1.129 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 6.2 (включая) до 6.6.78 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 6.7 (включая) до 6.12.14 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 6.13 (включая) до 6.13.3 (исключая)

EPSS

Процентиль: 13%

0.00045

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-476

Связанные уязвимости

CVE-2024-58011

CVSS3: 5.5

ubuntu

5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: platform/x86: int3472: Check for adev == NULL Not all devices have an ACPI companion fwnode, so adev might be NULL. This can e.g. (theoretically) happen when a user manually binds one of the int3472 drivers to another i2c/platform device through sysfs. Add a check for adev not being set and return -ENODEV in that case to avoid a possible NULL pointer deref in skl_int3472_get_acpi_buffer().

CVE-2024-58011

CVSS3: 5.5

redhat

5 месяцев назад

CVE-2024-58011

CVSS3: 5.5

msrc

4 месяца назад

Описание отсутствует

CVE-2024-58011

CVSS3: 5.5

debian

5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: p ...

GHSA-jcx5-2hxr-pwq4

CVSS3: 5.5

github

5 месяцев назад

EPSS

Процентиль: 13%

0.00045

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-476