CVE-2024-53069

Summary

In the Linux kernel, the following vulnerability has been resolved:

firmware: qcom: scm: fix a NULL-pointer dereference

Some SCM calls can be invoked with __scm being NULL (the driver may not have been and will not be probed as there's no SCM entry in device-tree). Make sure we don't dereference a NULL pointer.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux449d0d84bcd8246b508d07995326d13c54488b8c < 3d36e2b1d803f0d1cc674115d295a8f20ddb9268affected
LinuxLinux449d0d84bcd8246b508d07995326d13c54488b8c < ca61d6836e6f4442a77762e1074d2706a2a6e578affected
LinuxLinux6.11affected
LinuxLinux0 < 6.11unaffected
LinuxLinux6.11.8 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References