CVE-2024-50292

MEDIUM

Linux Kernel 5.7-6.11.8 - NULL Pointer Dereference in ASoC SPDIFRX DMA

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: spdifrx: fix dma channel release in stm32_spdifrx_remove In case of error when requesting ctrl_chan DMA channel, ctrl_chan is not null. So the release of the dma channel leads to the following issue: [ 4.879000] st,stm32-spdifrx 500d0000.audio-controller: dma_request_slave_channel error -19 [ 4.888975] Unable to handle kernel NULL pointer dereference at virtual address 000000000000003d [...] [ 5.096577] Call trace: [ 5.099099] dma_release_channel+0x24/0x100 [ 5.103235] stm32_spdifrx_remove+0x24/0x60 [snd_soc_stm32_spdifrx] [ 5.109494] stm32_spdifrx_probe+0x320/0x4c4 [snd_soc_stm32_spdifrx] To avoid this issue, release channel only if the pointer is valid.

References (8)

Core 8

Scores

CVSS v3 5.5
EPSS 0.0023
EPSS Percentile 13.5%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-476
Status published
Products (21)
linux/Kernel 5.11.0 - 5.15.172linux
linux/Kernel 5.16.0 - 6.1.117linux
linux/Kernel 5.7.0 - 5.10.230linux
linux/Kernel 6.2.0 - 6.6.61linux
linux/Kernel 6.7.0 - 6.11.8linux
Linux/Linux < 5.7
Linux/Linux 5.10.230 - 5.10.*
Linux/Linux 5.15.172 - 5.15.*
Linux/Linux 5.7
Linux/Linux 6.1.117 - 6.1.*
... and 11 more
Published Nov 19, 2024
Tracked Since Feb 18, 2026