CVE-2024-56696

Summary

In the Linux kernel, the following vulnerability has been resolved:

ALSA: core: Fix possible NULL dereference caused by kunit_kzalloc()

kunit_kzalloc() may return a NULL pointer, dereferencing it without NULL check may lead to NULL dereference. Add NULL checks for all the kunit_kzalloc() in sound_kunit.c

Affected Software

VendorProductVersion RangeStatus
LinuxLinux3e39acf56ededdebd1033349a16b704839b94b28 < f5486bf8abfe778b368d8fd1aa655dc01d0013caaffected
LinuxLinux3e39acf56ededdebd1033349a16b704839b94b28 < 8bfff486ecc79a72e9380e2d5e0ff234d5542d2faffected
LinuxLinux3e39acf56ededdebd1033349a16b704839b94b28 < 9ad467a2b2716d4ed12f003b041aa6c776a13ff5affected
LinuxLinux6.9affected
LinuxLinux0 < 6.9unaffected
LinuxLinux6.11.11 <= 6.11.*unaffected
LinuxLinux6.12.2 <= 6.12.*unaffected
LinuxLinux6.13 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References