CVE-2024-24856
5.3
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H
Summary
The memory allocation function ACPI_ALLOCATE_ZEROED does not guarantee a successful allocation, but the subsequent code directly dereferences the pointer that receives it, which may lead to null pointer dereference.
To fix this issue, a null pointer check should be added. If it is null, return exception code AE_NO_MEMORY.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| OpenAnolis | Anolis OS | v4.4 < v6.9 | affected |
Weaknesses
- CWE-476: CWE-476 NULL Pointer Dereference
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.