CVE-2024-26975

MEDIUM

Linux kernel - NULL Pointer Dereference

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: powercap: intel_rapl: Fix a NULL pointer dereference A NULL pointer dereference is triggered when probing the MMIO RAPL driver on platforms with CPU ID not listed in intel_rapl_common CPU model list. This is because the intel_rapl_common module still probes on such platforms even if 'defaults_msr' is not set after commit 1488ac990ac8 ("powercap: intel_rapl: Allow probing without CPUID match"). Thus the MMIO RAPL rp->priv->defaults is NULL when registering to RAPL framework. Fix the problem by adding sanity check to ensure rp->priv->rapl_defaults is always valid.

References (4)

Core 4

Core References

Patch

https://git.kernel.org/stable/c/0641908b906a133f1494c312a71f9fecbe2b6c78

Patch

https://git.kernel.org/stable/c/9b254feb249981b66ccdb1dae54e757789a15ba1

Patch

https://git.kernel.org/stable/c/2f73cf2ae5e0f4e629db5be3a4380ff7807148e6

Patch

https://git.kernel.org/stable/c/2d1f5006ff95770da502f8cee2a224a1ff83866e

Scores

CVSS v3 5.5

EPSS 0.0023

EPSS Percentile 13.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (14)

linux/Kernel 6.5.0 - 6.6.24linux

linux/Kernel 6.7.0 - 6.7.12linux

linux/Kernel 6.8.0 - 6.8.3linux

Linux/Linux < 6.5

Linux/Linux 1488ac990ac886b1209aa9f94c0c66022bcc8827 - 0641908b906a133f1494c312a71f9fecbe2b6c78

Linux/Linux 1488ac990ac886b1209aa9f94c0c66022bcc8827 - 2d1f5006ff95770da502f8cee2a224a1ff83866e

Linux/Linux 1488ac990ac886b1209aa9f94c0c66022bcc8827 - 2f73cf2ae5e0f4e629db5be3a4380ff7807148e6

Linux/Linux 1488ac990ac886b1209aa9f94c0c66022bcc8827 - 9b254feb249981b66ccdb1dae54e757789a15ba1

Linux/Linux 6.5

Linux/Linux 6.6.24 - 6.6.*

... and 4 more

Published May 01, 2024

Tracked Since Feb 18, 2026