CVE-2024-46685

MEDIUM

Linux Kernel 4.11-6.10.8 - NULL Pointer Dereference in pcs_get_function()

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference in pcs_get_function() pinmux_generic_get_function() can return NULL and the pointer 'function' was dereferenced without checking against NULL. Add checking of pointer 'function' in pcs_get_function(). Found by code review.

References (10)

Core 10

Core References

Mailing List

https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html

Mailing List

https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Patch

https://git.kernel.org/stable/c/0a2bab5ed161318f57134716accba0a30f3af191

Patch

https://git.kernel.org/stable/c/2cea369a5c2e85ab14ae716da1d1cc6d25c85e11

Patch

https://git.kernel.org/stable/c/4e9436375fcc9bd2a60ee96aba6ed53f7a377d10

Patch

https://git.kernel.org/stable/c/6341c2856785dca7006820b127278058a180c075

Patch

https://git.kernel.org/stable/c/8f0bd526921b6867c2f10a83cd4fd14139adcd92

Patch

https://git.kernel.org/stable/c/4ed45fe99ec9e3c9478bd634624cd05a57d002f7

Patch

https://git.kernel.org/stable/c/292151af6add3e5ab11b2e9916cffa5f52859a1f

Patch

https://git.kernel.org/stable/c/1c38a62f15e595346a1106025722869e87ffe044

Scores

CVSS v3 5.5

EPSS 0.0026

EPSS Percentile 17.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (27)

linux/Kernel 4.11.0 - 4.19.321linux

linux/Kernel 4.20.0 - 5.4.283linux

linux/Kernel 5.11.0 - 5.15.166linux

linux/Kernel 5.16.0 - 6.1.108linux

linux/Kernel 5.5.0 - 5.10.225linux

linux/Kernel 6.2.0 - 6.6.49linux

linux/Kernel 6.7.0 - 6.10.8linux

Linux/Linux < 4.11

Linux/Linux 4.11

Linux/Linux 4.19.321 - 4.19.*

... and 17 more

Published Sep 13, 2024

Tracked Since Feb 18, 2026