CVE-2024-39466

MEDIUM

Linux Kernel 5.15-5.15.160, 5.16-6.1.93, 6.2-6.6.33, 6.7-6.9.4 - NULL Pointer Dereference in QCOM LMH Thermal Driver

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/qcom/lmh: Check for SCM availability at probe Up until now, the necessary scm availability check has not been performed, leading to possible null pointer dereferences (which did happen for me on RB1). Fix that.

References (5)

Core 5

Core References

Patch

https://git.kernel.org/stable/c/2226b145afa5e13cb60dbe77fb20fb0666a1caf3

Patch

https://git.kernel.org/stable/c/560d69c975072974c11434ca6953891e74c1a665

Patch

https://git.kernel.org/stable/c/0a47ba94ec3d8f782b33e3d970cfcb769b962464

Patch

https://git.kernel.org/stable/c/aa1a0807b4a76b44fb6b58a7e9087cd4b18ab41b

Patch

https://git.kernel.org/stable/c/d9d3490c48df572edefc0b64655259eefdcbb9be

Scores

CVSS v3 5.5

EPSS 0.0021

EPSS Percentile 11.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (17)

linux/Kernel 5.15.0 - 5.15.161linux

linux/Kernel 5.16.0 - 6.1.94linux

linux/Kernel 6.2.0 - 6.6.34linux

linux/Kernel 6.7.0 - 6.9.5linux

Linux/Linux < 5.15

Linux/Linux 5.15

Linux/Linux 5.15.161 - 5.15.*

Linux/Linux 53bca371cdf7addc1e93e1b99285b3d3935685ec - 0a47ba94ec3d8f782b33e3d970cfcb769b962464

Linux/Linux 53bca371cdf7addc1e93e1b99285b3d3935685ec - 2226b145afa5e13cb60dbe77fb20fb0666a1caf3

Linux/Linux 53bca371cdf7addc1e93e1b99285b3d3935685ec - 560d69c975072974c11434ca6953891e74c1a665

... and 7 more

Published Jun 25, 2024

Tracked Since Feb 18, 2026