5.5

CVE-2024-39466

EPSS 0.03%
Veröffentlicht 25.06.2024 15:15:15
Zuletzt bearbeitet 21.11.2024 09:27:43
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

thermal/drivers/qcom/lmh: Check for SCM availability at probe

Up until now, the necessary scm availability check has not been
performed, leading to possible null pointer dereferences (which did
happen for me on RB1).

Fix that.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 5.15 < 5.15.161

Linux ≫ Linux Kernel Version >= 5.16 < 6.1.94

Linux ≫ Linux Kernel Version >= 6.2 < 6.6.34

Linux ≫ Linux Kernel Version >= 6.7 < 6.9.5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.091

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/0a47ba94ec3d8f782b33e3d970cfcb769b962464

Patch

https://git.kernel.org/stable/c/2226b145afa5e13cb60dbe77fb20fb0666a1caf3

Patch

https://git.kernel.org/stable/c/560d69c975072974c11434ca6953891e74c1a665

Patch

https://git.kernel.org/stable/c/aa1a0807b4a76b44fb6b58a7e9087cd4b18ab41b

Patch

https://git.kernel.org/stable/c/d9d3490c48df572edefc0b64655259eefdcbb9be

Patch

https://nvd.nist.gov/vuln/detail/CVE-2024-39466

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-39466

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-39466

EUVD