CVE-2024-26975
MEDIUMLinux kernel - NULL Pointer Dereference
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: powercap: intel_rapl: Fix a NULL pointer dereference A NULL pointer dereference is triggered when probing the MMIO RAPL driver on platforms with CPU ID not listed in intel_rapl_common CPU model list. This is because the intel_rapl_common module still probes on such platforms even if 'defaults_msr' is not set after commit 1488ac990ac8 ("powercap: intel_rapl: Allow probing without CPUID match"). Thus the MMIO RAPL rp->priv->defaults is NULL when registering to RAPL framework. Fix the problem by adding sanity check to ensure rp->priv->rapl_defaults is always valid.
References (4)
Scores
CVSS v3
5.5
EPSS
0.0002
EPSS Percentile
4.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Classification
CWE
CWE-476
Status
published
Affected Products (4)
linux/linux_kernel
< 6.6.24
linux/Kernel
< 6.6.24linux
linux/Kernel
< 6.7.12linux
linux/Kernel
< 6.8.3linux
Timeline
Published
May 01, 2024
Tracked Since
Feb 18, 2026