CVE-2024-46768

Summary

In the Linux kernel, the following vulnerability has been resolved:

hwmon: (hp-wmi-sensors) Check if WMI event data exists

The BIOS can choose to return no event data in response to a WMI event, so the ACPI object passed to the WMI notify handler can be NULL.

Check for such a situation and ignore the event in such a case.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux23902f98f8d4811ab84dde6419569a5b374f8122 < 217539e994e53206bbf3fb330261cc78c480d311affected
LinuxLinux23902f98f8d4811ab84dde6419569a5b374f8122 < 4b19c83ba108aa66226da5b79810e4d19e005f12affected
LinuxLinux23902f98f8d4811ab84dde6419569a5b374f8122 < a54da9df75cd1b4b5028f6c60f9a211532680585affected
LinuxLinux6.5affected
LinuxLinux0 < 6.5unaffected
LinuxLinux6.6.51 <= 6.6.*unaffected
LinuxLinux6.10.10 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References