CVE-2024-46769

Summary

In the Linux kernel, the following vulnerability has been resolved:

spi: intel: Add check devm_kasprintf() returned value

intel_spi_populate_chip() use devm_kasprintf() to set pdata->name. This can return a NULL pointer on failure but this returned value is not checked.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe58db3bcd93b9e0bf5068a29f7e1a97c29926830 < 6e68abdc5d674f9f4185bf1e1956368d05df4838affected
LinuxLinuxe58db3bcd93b9e0bf5068a29f7e1a97c29926830 < 2920294686ec23211637998f3ec386dfd3d784a6affected
LinuxLinux6.9affected
LinuxLinux0 < 6.9unaffected
LinuxLinux6.10.10 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References