CVE-2024-42074

MEDIUM

Linux Kernel < 6.6 - NULL Pointer Dereference in ASoC ACP Resume Function

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp: add a null check for chip_pdev structure When acp platform device creation is skipped, chip->chip_pdev value will remain NULL. Add NULL check for chip->chip_pdev structure in snd_acp_resume() function to avoid null pointer dereference.

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/e158ed266fc1adfa456880fb6dabce2e5623843b

Patch

https://git.kernel.org/stable/c/b0c39ae1cc86afe74aa2f6273ccb514f8d180cf6

Patch

https://git.kernel.org/stable/c/98d919dfee1cc402ca29d45da642852d7c9a2301

Scores

CVSS v3 5.5

EPSS 0.0022

EPSS Percentile 13.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (9)

Linux/Linux < 6.6

Linux/Linux 088a40980efbc2c449b72f0f2c7ebd82f71d08e2 - 98d919dfee1cc402ca29d45da642852d7c9a2301

Linux/Linux 088a40980efbc2c449b72f0f2c7ebd82f71d08e2 - b0c39ae1cc86afe74aa2f6273ccb514f8d180cf6

Linux/Linux 088a40980efbc2c449b72f0f2c7ebd82f71d08e2 - e158ed266fc1adfa456880fb6dabce2e5623843b

Linux/Linux 6.10

Linux/Linux 6.6

Linux/Linux 6.6.37 - 6.6.*

Linux/Linux 6.9.8 - 6.9.*

linux/linux_kernel < 6.6

Published Jul 29, 2024

Tracked Since Feb 18, 2026