5.5
CVE-2024-38546
- EPSS 0.25%
- Veröffentlicht 19.06.2024 14:15:14
- Zuletzt bearbeitet 21.11.2024 09:26:18
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
drm: vc4: Fix possible null pointer dereference
In the Linux kernel, the following vulnerability has been resolved: drm: vc4: Fix possible null pointer dereference In vc4_hdmi_audio_init() of_get_address() may return NULL which is later dereferenced. Fix this bug by adding NULL check. Found by Linux Verification Center (linuxtesting.org) with SVACE.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.12 < 5.10.219
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.161
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.93
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.33
Linux ≫ Linux Kernel Version >= 6.7 < 6.8.12
Linux ≫ Linux Kernel Version >= 6.9 < 6.9.3
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.25% | 0.162 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://git.kernel.org/stable/c/2a345fe928c21de6f3c3c7230ff509d715153a31
https://git.kernel.org/stable/c/2d9adecc88ab678785b581ab021f039372c324cb
https://git.kernel.org/stable/c/42c22b63056cea259d5313bf138a834840af85a5
https://git.kernel.org/stable/c/6cf1874aec42058a5ad621a23b5b2f248def0e96
https://git.kernel.org/stable/c/80431ea3634efb47a3004305d76486db9dd8ed49
https://git.kernel.org/stable/c/bd7827d46d403f8cdb43d16744cb1114e4726b21
https://git.kernel.org/stable/c/c534b63bede6cb987c2946ed4d0b0013a52c5ba7