CVE-2024-50069

MEDIUM

Linux Kernel 5.16-6.1.113, 6.2-6.6.57, 6.7-6.11.4 - NULL Pointer Dereference in Apple Pinctrl Driver

Description

In the Linux kernel, the following vulnerability has been resolved:

pinctrl: apple: check devm_kasprintf() returned value

devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value.

Found by code review.

Scores

CVSS v3 5.5
EPSS 0.0021
EPSS Percentile 10.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-476
Status published
Products (15)
linux/Kernel 5.16.0 - 6.1.114
linux/Kernel 6.2.0 - 6.6.58
linux/Kernel 6.7.0 - 6.11.5
Linux/Linux < 5.16
Linux/Linux 5.16
Linux/Linux 6.1.114 - 6.1.*
Linux/Linux 6.11.5 - 6.11.*
Linux/Linux 6.12
Linux/Linux 6.6.58 - 6.6.*
Linux/Linux a0f160ffcb83de6a04fa75f9e7bdfe969f2863f7 - 0a4d4dbef622ac8796a6665e0080da2685f9220a
... and 5 more
Published Oct 29, 2024
Tracked Since Feb 18, 2026