5.5

CVE-2024-46768

hwmon: (hp-wmi-sensors) Check if WMI event data exists

In the Linux kernel, the following vulnerability has been resolved:

hwmon: (hp-wmi-sensors) Check if WMI event data exists

The BIOS can choose to return no event data in response to a
WMI event, so the ACPI object passed to the WMI notify handler
can be NULL.

Check for such a situation and ignore the event in such a case.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.5 < 6.6.51
LinuxLinux Kernel Version >= 6.7 < 6.10.10
LinuxLinux Kernel Version6.11 Updaterc1
LinuxLinux Kernel Version6.11 Updaterc2
LinuxLinux Kernel Version6.11 Updaterc3
LinuxLinux Kernel Version6.11 Updaterc4
LinuxLinux Kernel Version6.11 Updaterc5
LinuxLinux Kernel Version6.11 Updaterc6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.24% 0.145
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/217539e994e53206bbf3fb330261cc78c480d311
Patch
https://git.kernel.org/stable/c/4b19c83ba108aa66226da5b79810e4d19e005f12
Patch
https://git.kernel.org/stable/c/a54da9df75cd1b4b5028f6c60f9a211532680585
Patch