CVE-2024-50070

Summary

In the Linux kernel, the following vulnerability has been resolved:

pinctrl: stm32: check devm_kasprintf() returned value

devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value.

Found by code review.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux75285cb2b49a9bfe15fc22aecab45ef25d50e6f2 < a8d52de0a6c6b091b2771bcb98ce408cf9d69fe3affected
LinuxLinux32c170ff15b044579b1f8b8cdabf543406dde9da < 3b36bb1fca2b87f6292ca2a8593f297c5e9fab41affected
LinuxLinux32c170ff15b044579b1f8b8cdabf543406dde9da < 1f266957ae1207b0717c2d69096bc70654ae9fcbaffected
LinuxLinux32c170ff15b044579b1f8b8cdabf543406dde9da < b0f0e3f0552a566def55c844b0d44250c58e4df6affected
LinuxLinux6.6affected
LinuxLinux0 < 6.6unaffected
LinuxLinux6.6.58 <= 6.6.*unaffected
LinuxLinux6.11.5 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

References