CVE-2024-43818

MEDIUM

Linux Kernel 6.0-6.1.102, 6.2-6.6.43, 6.7-6.10.2 - NULL Pointer Dereference in ASoC AMD Codec Device Handling

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: Adjust error handling in case of absent codec device acpi_get_first_physical_node() can return NULL in several cases (no such device, ACPI table error, reference count drop to 0, etc). Existing check just emit error message, but doesn't perform return. Then this NULL pointer is passed to devm_acpi_dev_add_driver_gpios() where it is dereferenced. Adjust this error handling by adding error code return. Found by Linux Verification Center (linuxtesting.org) with SVACE.

References (5)

Core 5

Core References

Mailing List

https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Patch

https://git.kernel.org/stable/c/1ba9856cf7f6492b47c1edf853137f320d583db5

Patch

https://git.kernel.org/stable/c/99b642dac24f6d09ba3ebf1d690be8aefff86164

Patch

https://git.kernel.org/stable/c/b1173d64edd276c957b6d09e1f971c85b38f1519

Patch

https://git.kernel.org/stable/c/5080808c3339de2220c602ab7c7fa23dc6c1a5a3

Scores

CVSS v3 5.5

EPSS 0.0022

EPSS Percentile 13.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (14)

linux/Kernel 6.0.0 - 6.1.103linux

linux/Kernel 6.2.0 - 6.6.44linux

linux/Kernel 6.7.0 - 6.10.3linux

Linux/Linux < 6.0

Linux/Linux 02527c3f2300100a25524c8c020d98c7957e485e - 1ba9856cf7f6492b47c1edf853137f320d583db5

Linux/Linux 02527c3f2300100a25524c8c020d98c7957e485e - 5080808c3339de2220c602ab7c7fa23dc6c1a5a3

Linux/Linux 02527c3f2300100a25524c8c020d98c7957e485e - 99b642dac24f6d09ba3ebf1d690be8aefff86164

Linux/Linux 02527c3f2300100a25524c8c020d98c7957e485e - b1173d64edd276c957b6d09e1f971c85b38f1519

Linux/Linux 6.0

Linux/Linux 6.1.103 - 6.1.*

... and 4 more

Published Aug 17, 2024

Tracked Since Feb 18, 2026