5.5
CVE-2024-39466
- EPSS 0.21%
- Veröffentlicht 25.06.2024 15:15:15
- Zuletzt bearbeitet 21.11.2024 09:27:43
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
thermal/drivers/qcom/lmh: Check for SCM availability at probe
In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/qcom/lmh: Check for SCM availability at probe Up until now, the necessary scm availability check has not been performed, leading to possible null pointer dereferences (which did happen for me on RB1). Fix that.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.15 < 5.15.161
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.94
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.34
Linux ≫ Linux Kernel Version >= 6.7 < 6.9.5
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.21% | 0.115 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://git.kernel.org/stable/c/0a47ba94ec3d8f782b33e3d970cfcb769b962464
https://git.kernel.org/stable/c/2226b145afa5e13cb60dbe77fb20fb0666a1caf3
https://git.kernel.org/stable/c/560d69c975072974c11434ca6953891e74c1a665
https://git.kernel.org/stable/c/aa1a0807b4a76b44fb6b58a7e9087cd4b18ab41b
https://git.kernel.org/stable/c/d9d3490c48df572edefc0b64655259eefdcbb9be