CVE-2024-38571
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
thermal/drivers/tsens: Fix null pointer dereference
compute_intercept_slope() is called from calibrate_8960() (in tsens-8960.c) as compute_intercept_slope(priv, p1, NULL, ONE_PT_CALIB) which lead to null pointer dereference (if DEBUG or DYNAMIC_DEBUG set). Fix this bug by adding null pointer check.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | dfc1193d4dbd6c3cb68c944413146c940bde290a < 27600e0c5272a262b0903e35ae1df37d33c5c1ad | affected |
| Linux | Linux | dfc1193d4dbd6c3cb68c944413146c940bde290a < 11c731386ed82053c2759b6fea1a82ae946e5e0f | affected |
| Linux | Linux | dfc1193d4dbd6c3cb68c944413146c940bde290a < 2d5ca6e4a2872e92a32fdfd87e04dd7d3ced7278 | affected |
| Linux | Linux | dfc1193d4dbd6c3cb68c944413146c940bde290a < 06d17744b77bc6cb29a6c785f4fad8c4163ee653 | affected |
| Linux | Linux | dfc1193d4dbd6c3cb68c944413146c940bde290a < fcf5f1b5f308f2eb422f6aca55d295b25890906b | affected |
| Linux | Linux | dfc1193d4dbd6c3cb68c944413146c940bde290a < d998ddc86a27c92140b9f7984ff41e3d1d07a48f | affected |
| Linux | Linux | 5.13 | affected |
| Linux | Linux | 0 < 5.13 | unaffected |
| Linux | Linux | 5.15.161 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.93 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.33 <= 6.6.* | unaffected |
| Linux | Linux | 6.8.12 <= 6.8.* | unaffected |
| Linux | Linux | 6.9.3 <= 6.9.* | unaffected |
| Linux | Linux | 6.10 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/27600e0c5272a262b0903e35ae1df37d33c5c1ad
- https://git.kernel.org/stable/c/11c731386ed82053c2759b6fea1a82ae946e5e0f
- https://git.kernel.org/stable/c/2d5ca6e4a2872e92a32fdfd87e04dd7d3ced7278
- https://git.kernel.org/stable/c/06d17744b77bc6cb29a6c785f4fad8c4163ee653
- https://git.kernel.org/stable/c/fcf5f1b5f308f2eb422f6aca55d295b25890906b
- https://git.kernel.org/stable/c/d998ddc86a27c92140b9f7984ff41e3d1d07a48f
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/27600e0c5272a262b0903e35ae1df37d33c5c1ad
- https://git.kernel.org/stable/c/11c731386ed82053c2759b6fea1a82ae946e5e0f
- https://git.kernel.org/stable/c/2d5ca6e4a2872e92a32fdfd87e04dd7d3ced7278
- https://git.kernel.org/stable/c/06d17744b77bc6cb29a6c785f4fad8c4163ee653
- https://git.kernel.org/stable/c/fcf5f1b5f308f2eb422f6aca55d295b25890906b
- https://git.kernel.org/stable/c/d998ddc86a27c92140b9f7984ff41e3d1d07a48f
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.