CVE-2024-35842

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: sof-common: Add NULL check for normal_link string It's not granted that all entries of struct sof_conn_stream declare a `normal_link` (a non-SOF, direct link) string, and this is the case for SoCs that support only SOF paths (hence do not support both direct and SOF usecases). For example, in the case of MT8188 there is no normal_link string in any of the sof_conn_stream entries and there will be more drivers doing that in the future. To avoid possible NULL pointer KPs, add a NULL check for `normal_link`.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

19 Sep 2025, 18:47

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
CWE CWE-476
First Time Linux
Linux linux Kernel
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
References () https://git.kernel.org/stable/c/b1d3db6740d0997ffc6e5a0d96ef7cbd62b35fdd - () https://git.kernel.org/stable/c/b1d3db6740d0997ffc6e5a0d96ef7cbd62b35fdd - Patch
References () https://git.kernel.org/stable/c/cad471227a37c0c7c080bfc9ed01b53750e82afe - () https://git.kernel.org/stable/c/cad471227a37c0c7c080bfc9ed01b53750e82afe - Patch
References () https://git.kernel.org/stable/c/cde6ca5872bf67744dffa875a7cb521ab007b7ef - () https://git.kernel.org/stable/c/cde6ca5872bf67744dffa875a7cb521ab007b7ef - Patch
References () https://git.kernel.org/stable/c/e3b3ec967a7d93b9010a5af9a2394c8b5c8f31ed - () https://git.kernel.org/stable/c/e3b3ec967a7d93b9010a5af9a2394c8b5c8f31ed - Patch

21 Nov 2024, 09:21

Type Values Removed Values Added
References () https://git.kernel.org/stable/c/b1d3db6740d0997ffc6e5a0d96ef7cbd62b35fdd - () https://git.kernel.org/stable/c/b1d3db6740d0997ffc6e5a0d96ef7cbd62b35fdd -
References () https://git.kernel.org/stable/c/cad471227a37c0c7c080bfc9ed01b53750e82afe - () https://git.kernel.org/stable/c/cad471227a37c0c7c080bfc9ed01b53750e82afe -
References () https://git.kernel.org/stable/c/cde6ca5872bf67744dffa875a7cb521ab007b7ef - () https://git.kernel.org/stable/c/cde6ca5872bf67744dffa875a7cb521ab007b7ef -
References () https://git.kernel.org/stable/c/e3b3ec967a7d93b9010a5af9a2394c8b5c8f31ed - () https://git.kernel.org/stable/c/e3b3ec967a7d93b9010a5af9a2394c8b5c8f31ed -
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ASoC: mediatek: sof-common: Agregar verificación NULL para la cadena normal_link No se garantiza que todas las entradas de la estructura sof_conn_stream declaren una cadena `normal_link` (un enlace directo no SOF) , y este es el caso de los SoC que solo admiten rutas SOF (por lo tanto, no admiten casos de uso directos y SOF). Por ejemplo, en el caso de MT8188 no hay una cadena normal_link en ninguna de las entradas de sof_conn_stream y habrá más controladores que lo hagan en el futuro. Para evitar posibles KP de puntero NULL, agregue una verificación NULL para `normal_link`.

17 May 2024, 15:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-05-17 15:15

Updated : 2025-09-19 18:47


NVD link : CVE-2024-35842

Mitre link : CVE-2024-35842

CVE.ORG link : CVE-2024-35842


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-476

NULL Pointer Dereference