CVE-2024-42074

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-42074
In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp: add a null check for chip_pdev structure When acp platform device creation is skipped, chip->chip_pdev value will remain NULL. Add NULL check for chip->chip_pdev structure in snd_acp_resume() function to avoid null pointer dereference.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://git.kernel.org/stable/c/98d919dfee1cc402ca29d45da642852d7c9a2301 Patch
https://git.kernel.org/stable/c/b0c39ae1cc86afe74aa2f6273ccb514f8d180cf6 Patch
https://git.kernel.org/stable/c/e158ed266fc1adfa456880fb6dabce2e5623843b Patch
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
History

30 Jul 2024, 19:00

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: ASoC: amd: acp: agregue una verificación nula para la estructura chip_pdev Cuando se omite la creación del dispositivo de plataforma acp, el valor chip->chip_pdev permanecerá NULL. Agregue una verificación NULL para la estructura chip->chip_pdev en la función snd_acp_resume() para evitar la desreferencia del puntero nulo.
First Time Linux
Linux linux Kernel
References () https://git.kernel.org/stable/c/98d919dfee1cc402ca29d45da642852d7c9a2301 - () https://git.kernel.org/stable/c/98d919dfee1cc402ca29d45da642852d7c9a2301 - Patch
References () https://git.kernel.org/stable/c/b0c39ae1cc86afe74aa2f6273ccb514f8d180cf6 - () https://git.kernel.org/stable/c/b0c39ae1cc86afe74aa2f6273ccb514f8d180cf6 - Patch
References () https://git.kernel.org/stable/c/e158ed266fc1adfa456880fb6dabce2e5623843b - () https://git.kernel.org/stable/c/e158ed266fc1adfa456880fb6dabce2e5623843b - Patch
CWE CWE-476
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

29 Jul 2024, 16:21

Type Values Removed Values Added
New CVE
Information

Published : 2024-07-29 16:15

Updated : 2024-07-30 19:00

NVD link : CVE-2024-42074

Mitre link : CVE-2024-42074

CVE.ORG link : CVE-2024-42074

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-476

NULL Pointer Dereference