5.5

CVE-2024-50103

ASoC: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe()

In the Linux kernel, the following vulnerability has been resolved:

ASoC: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe()

A devm_kzalloc() in asoc_qcom_lpass_cpu_platform_probe() could
possibly return NULL pointer. NULL Pointer Dereference may be
triggerred without addtional check.
Add a NULL check for the returned pointer.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.10 < 5.15.170
LinuxLinux Kernel Version >= 5.16 < 6.1.115
LinuxLinux Kernel Version >= 6.2 < 6.6.59
LinuxLinux Kernel Version >= 6.7 < 6.11.6
LinuxLinux Kernel Version6.12 Updaterc1
LinuxLinux Kernel Version6.12 Updaterc2
LinuxLinux Kernel Version6.12 Updaterc3
LinuxLinux Kernel Version6.12 Updaterc4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.24% 0.142
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/03c9c2c2d2d0fe203dfe8f56bedbcf04e303d7c4
https://git.kernel.org/stable/c/1e235d02d803660777ec911a2c467ae41f8539f5
Patch
https://git.kernel.org/stable/c/49da1463c9e3d2082276c3e0e2a8b65a88711cd2
Patch
https://git.kernel.org/stable/c/73cc3f905ca9aa95694eea3dfa1acadc90686368
Patch
https://git.kernel.org/stable/c/a8e691fe1894c8bdf815a6171ee22ae7da8b18aa
Patch
https://git.kernel.org/stable/c/e19bf49e903337641fc230d430d49813e3199902
Patch
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html