CVE-2024-38615

MEDIUM

Linux Kernel - NULL Pointer Dereference in cpufreq exit() callback

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: cpufreq: exit() callback is optional The exit() callback is optional and shouldn't be called without checking a valid pointer first. Also, we must clear freq_table pointer even if the exit() callback isn't present.

References (10)

Core 10

Core References

Patch

https://git.kernel.org/stable/c/2d730b465e377396d2a09a53524b96b111f7ccb6

Patch

https://git.kernel.org/stable/c/dfc56ff5ec9904c008e9376d90a6d7e2d2bec4d3

Patch

https://git.kernel.org/stable/c/35db5e76d5e9f752476df5fa0b9018a2398b0378

Patch

https://git.kernel.org/stable/c/8bc9546805e572ad101681437a49939f28777273

Patch

https://git.kernel.org/stable/c/3e99f060cfd2e36504d62c9132b453ade5027e1c

Patch

https://git.kernel.org/stable/c/ae37ebca325097d773d7bb6ec069123b30772872

Patch

https://git.kernel.org/stable/c/a8204d1b6ff762d2171d365c2c8560285d0a233d

Patch

https://git.kernel.org/stable/c/b8f85833c05730d631576008daaa34096bc7f3ce

Vendor Advisory

https://cert-portal.siemens.com/productcert/html/ssa-265688.html

Vendor Advisory

https://cert-portal.siemens.com/productcert/html/ssa-613116.html

Scores

CVSS v3 5.5

EPSS 0.0024

EPSS Percentile 14.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (26)

linux/Kernel 5.1.0 - 5.4.278linux

linux/Kernel 5.11.0 - 5.15.161linux

linux/Kernel 5.16.0 - 6.1.93linux

linux/Kernel 5.5.0 - 5.10.219linux

linux/Kernel 6.2.0 - 6.6.33linux

linux/Kernel 6.7.0 - 6.8.12linux

linux/Kernel 6.9.0 - 6.9.3linux

Linux/Linux < 5.1

Linux/Linux 5.1

Linux/Linux 5.10.219 - 5.10.*

... and 16 more

Published Jun 19, 2024

Tracked Since Feb 18, 2026