CVE-2024-38571

Summary

In the Linux kernel, the following vulnerability has been resolved:

thermal/drivers/tsens: Fix null pointer dereference

compute_intercept_slope() is called from calibrate_8960() (in tsens-8960.c) as compute_intercept_slope(priv, p1, NULL, ONE_PT_CALIB) which lead to null pointer dereference (if DEBUG or DYNAMIC_DEBUG set). Fix this bug by adding null pointer check.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxdfc1193d4dbd6c3cb68c944413146c940bde290a < 27600e0c5272a262b0903e35ae1df37d33c5c1adaffected
LinuxLinuxdfc1193d4dbd6c3cb68c944413146c940bde290a < 11c731386ed82053c2759b6fea1a82ae946e5e0faffected
LinuxLinuxdfc1193d4dbd6c3cb68c944413146c940bde290a < 2d5ca6e4a2872e92a32fdfd87e04dd7d3ced7278affected
LinuxLinuxdfc1193d4dbd6c3cb68c944413146c940bde290a < 06d17744b77bc6cb29a6c785f4fad8c4163ee653affected
LinuxLinuxdfc1193d4dbd6c3cb68c944413146c940bde290a < fcf5f1b5f308f2eb422f6aca55d295b25890906baffected
LinuxLinuxdfc1193d4dbd6c3cb68c944413146c940bde290a < d998ddc86a27c92140b9f7984ff41e3d1d07a48faffected
LinuxLinux5.13affected
LinuxLinux0 < 5.13unaffected
LinuxLinux5.15.161 <= 5.15.*unaffected
LinuxLinux6.1.93 <= 6.1.*unaffected
LinuxLinux6.6.33 <= 6.6.*unaffected
LinuxLinux6.8.12 <= 6.8.*unaffected
LinuxLinux6.9.3 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References