CVE-2024-43822

Summary

In the Linux kernel, the following vulnerability has been resolved:

ASoc: PCM6240: Return directly after a failed devm_kzalloc() in pcmdevice_i2c_probe()

The value “-ENOMEM” was assigned to the local variable “ret” in one if branch after a devm_kzalloc() call failed at the beginning. This error code will trigger then a pcmdevice_remove() call with a passed null pointer so that an undesirable dereference will be performed. Thus return the appropriate error code directly.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1324eafd37aa5c5b970c1b48a857acc81f0685c8 < fa6f16eff7320c91e908309e31be34cbbe4b7e58affected
LinuxLinux1324eafd37aa5c5b970c1b48a857acc81f0685c8 < 3722873d49a1788d5420894d4f6f63e35f5c1f13affected
LinuxLinux6.10affected
LinuxLinux0 < 6.10unaffected
LinuxLinux6.10.3 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References