CVE-2024-43896

In the Linux kernel, the following vulnerability has been resolved: ASoC: cs-amp-lib: Fix NULL pointer crash if efi.get_variable is NULL Call efi_rt_services_supported() to check that efi.get_variable exists before calling it.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*

History

05 Sep 2024, 18:37

Type Values Removed Values Added
First Time Linux linux Kernel
Linux
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ASoC: cs-amp-lib: soluciona el fallo del puntero NULL si efi.get_variable es NULL Llame a efi_rt_services_supported() para comprobar que efi.get_variable existe antes de llamarlo.
CWE CWE-476
References () https://git.kernel.org/stable/c/5b6baaa7cbd77ff980516bad38bbc5a648bb5158 - () https://git.kernel.org/stable/c/5b6baaa7cbd77ff980516bad38bbc5a648bb5158 - Patch
References () https://git.kernel.org/stable/c/dc268085e499666b9f4f0fcb4c5a94e1c0b193b3 - () https://git.kernel.org/stable/c/dc268085e499666b9f4f0fcb4c5a94e1c0b193b3 - Patch
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*

26 Aug 2024, 11:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-26 11:15

Updated : 2024-09-05 18:37


NVD link : CVE-2024-43896

Mitre link : CVE-2024-43896

CVE.ORG link : CVE-2024-43896


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-476

NULL Pointer Dereference