CVE-2024-58021
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
HID: winwing: Add NULL check in winwing_init_led()
devm_kasprintf() can return a NULL pointer on failure,but this returned value in winwing_init_led() is not checked. Add NULL check in winwing_init_led(), to handle kernel NULL pointer dereference error.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 266c990debad2f9589c7a412e897a8e312b09766 < b99dbdee8a89c44d03ae9830ab19f31e124a3f32 | affected |
| Linux | Linux | 266c990debad2f9589c7a412e897a8e312b09766 < 4001f6f79183b8868d80dd2036dfb4ea3d325e8f | affected |
| Linux | Linux | 266c990debad2f9589c7a412e897a8e312b09766 < 45ab5166a82d038c898985b0ad43ead69c1f9573 | affected |
| Linux | Linux | 6.10 | affected |
| Linux | Linux | 0 < 6.10 | unaffected |
| Linux | Linux | 6.12.16 <= 6.12.* | unaffected |
| Linux | Linux | 6.13.4 <= 6.13.* | unaffected |
| Linux | Linux | 6.14 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/b99dbdee8a89c44d03ae9830ab19f31e124a3f32
- https://git.kernel.org/stable/c/4001f6f79183b8868d80dd2036dfb4ea3d325e8f
- https://git.kernel.org/stable/c/45ab5166a82d038c898985b0ad43ead69c1f9573
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.