CVE-2024-50009

Summary

In the Linux kernel, the following vulnerability has been resolved:

cpufreq: amd-pstate: add check for cpufreq_cpu_get's return value

cpufreq_cpu_get may return NULL. To avoid NULL-dereference check it and return in case of error.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxec437d71db77a181227bf6d0ac9d4a80e58ecf0f < cd9f7bf6cad8b2d3876105ce3c9fc63460a046f6affected
LinuxLinuxec437d71db77a181227bf6d0ac9d4a80e58ecf0f < 5f250d44b8191d612355dd97b89b37bbc1b5d2cbaffected
LinuxLinuxec437d71db77a181227bf6d0ac9d4a80e58ecf0f < 5493f9714e4cdaf0ee7cec15899a231400cb1a9faffected
LinuxLinux5.17affected
LinuxLinux0 < 5.17unaffected
LinuxLinux6.6.75 <= 6.6.*unaffected
LinuxLinux6.11.3 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References