5.5

CVE-2024-26770

HID: nvidia-shield: Add missing null pointer checks to LED initialization

In the Linux kernel, the following vulnerability has been resolved:

HID: nvidia-shield: Add missing null pointer checks to LED initialization

devm_kasprintf() returns a pointer to dynamically allocated memory
which can be NULL upon failure. Ensure the allocation was successful
by checking the pointer validity.

[jkosina@suse.com: tweak changelog a bit]
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 6.6.19
LinuxLinux Kernel Version >= 6.7 < 6.7.7
LinuxLinux Kernel Version6.8 Updaterc1
LinuxLinux Kernel Version6.8 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.24% 0.145
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/83527a13740f57b45f162e3af4c7db4b88521100
Patch
https://git.kernel.org/stable/c/b6eda11c44dc89a681e1c105f0f4660e69b1e183
Patch
https://git.kernel.org/stable/c/e71cc4a1e584293deafff1a7dea614b0210d0443
Patch