CVE-2024-53231

Summary

In the Linux kernel, the following vulnerability has been resolved:

cpufreq: CPPC: Fix possible null-ptr-deref for cpufreq_cpu_get_raw()

cpufreq_cpu_get_raw() may return NULL if the cpu is not in policy->cpus cpu mask and it will cause null pointer dereference.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux740fcdc2c20ecf855b36b919d7fa1b872b5a7eae < a357b63fd21e4b2791008c2175ba7a8c235ebce1affected
LinuxLinux740fcdc2c20ecf855b36b919d7fa1b872b5a7eae < e07570a8f2cfc51260c6266cb8e1bd4777a610d6affected
LinuxLinux740fcdc2c20ecf855b36b919d7fa1b872b5a7eae < e9b39f1924b76abc18881e4ce899fb232dd23d12affected
LinuxLinux740fcdc2c20ecf855b36b919d7fa1b872b5a7eae < 65fe2f7fdafe2698a343661800434b3f2e51041eaffected
LinuxLinux740fcdc2c20ecf855b36b919d7fa1b872b5a7eae < a78e7207564258db6e373e86294a85f9d646d35aaffected
LinuxLinux5.19affected
LinuxLinux0 < 5.19unaffected
LinuxLinux6.1.120 <= 6.1.*unaffected
LinuxLinux6.6.64 <= 6.6.*unaffected
LinuxLinux6.11.11 <= 6.11.*unaffected
LinuxLinux6.12.2 <= 6.12.*unaffected
LinuxLinux6.13 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References