CVE-2024-53069

MEDIUM

Linux Kernel 6.11-6.11.8 - NULL Pointer Dereference in SCM Call Handling

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: fix a NULL-pointer dereference Some SCM calls can be invoked with __scm being NULL (the driver may not have been and will not be probed as there's no SCM entry in device-tree). Make sure we don't dereference a NULL pointer.

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/3d36e2b1d803f0d1cc674115d295a8f20ddb9268

Patch

https://git.kernel.org/stable/c/ca61d6836e6f4442a77762e1074d2706a2a6e578

Scores

CVSS v3 5.5

EPSS 0.0019

EPSS Percentile 8.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (9)

linux/Kernel 6.11.0 - 6.11.8linux

Linux/Linux < 6.11

Linux/Linux 449d0d84bcd8246b508d07995326d13c54488b8c - 3d36e2b1d803f0d1cc674115d295a8f20ddb9268

Linux/Linux 449d0d84bcd8246b508d07995326d13c54488b8c - ca61d6836e6f4442a77762e1074d2706a2a6e578

Linux/Linux 6.11

Linux/Linux 6.11.8 - 6.11.*

Linux/Linux 6.12

linux/linux_kernel 6.12 rc1 (6 CPE variants)

linux/linux_kernel 6.11 - 6.11.8

Published Nov 19, 2024

Tracked Since Feb 18, 2026