CVE-2024-49962

Summary

In the Linux kernel, the following vulnerability has been resolved:

ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package()

ACPICA commit 4d4547cf13cca820ff7e0f859ba83e1a610b9fd0

ACPI_ALLOCATE_ZEROED() may fail, elements might be NULL and will cause NULL pointer dereference later.

[ rjw: Subject and changelog edits ]

Affected Software

VendorProductVersion RangeStatus
LinuxLinux9957510255724c1c746c9a6264c849e9fdd4cd24 < 4669da66ebc5b09881487f30669b0fcdb462188eaffected
LinuxLinux9957510255724c1c746c9a6264c849e9fdd4cd24 < 402b4c6b7500c7cca6972d2456a4a422801035b5affected
LinuxLinux9957510255724c1c746c9a6264c849e9fdd4cd24 < cbb67e245dacd02b5e1d82733892647df1523982affected
LinuxLinux9957510255724c1c746c9a6264c849e9fdd4cd24 < 1c9b8775062f8d854a80caf186af57fc617d454caffected
LinuxLinux9957510255724c1c746c9a6264c849e9fdd4cd24 < f282db38953ad71dd4f3f8877a4e1d37e580e30aaffected
LinuxLinux9957510255724c1c746c9a6264c849e9fdd4cd24 < 4588ea78d3904bebb613b0bb025669e75800f546affected
LinuxLinux9957510255724c1c746c9a6264c849e9fdd4cd24 < a907c113a8b66972f15f084d7dff960207b1f71daffected
LinuxLinux9957510255724c1c746c9a6264c849e9fdd4cd24 < ae5d4c7e76ba393d20366dfea1f39f24560ffb1daffected
LinuxLinux9957510255724c1c746c9a6264c849e9fdd4cd24 < a5242874488eba2b9062985bf13743c029821330affected
LinuxLinux4.4affected
LinuxLinux0 < 4.4unaffected
LinuxLinux4.19.323 <= 4.19.*unaffected
LinuxLinux5.4.285 <= 5.4.*unaffected
LinuxLinux5.10.227 <= 5.10.*unaffected
LinuxLinux5.15.168 <= 5.15.*unaffected
LinuxLinux6.1.113 <= 6.1.*unaffected
LinuxLinux6.6.55 <= 6.6.*unaffected
LinuxLinux6.10.14 <= 6.10.*unaffected
LinuxLinux6.11.3 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References