CVE-2024-56696

MEDIUM

Linux Kernel - NULL Pointer Dereference in ALSA Core kunit_kzalloc Handling

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: ALSA: core: Fix possible NULL dereference caused by kunit_kzalloc() kunit_kzalloc() may return a NULL pointer, dereferencing it without NULL check may lead to NULL dereference. Add NULL checks for all the kunit_kzalloc() in sound_kunit.c

References (3)

Core 3

Scores

CVSS v3 5.5
EPSS 0.0020
EPSS Percentile 9.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-476
Status published
Products (11)
linux/Kernel 6.12.0 - 6.12.2linux
linux/Kernel 6.9.0 - 6.11.11linux
Linux/Linux < 6.9
Linux/Linux 3e39acf56ededdebd1033349a16b704839b94b28 - 8bfff486ecc79a72e9380e2d5e0ff234d5542d2f
Linux/Linux 3e39acf56ededdebd1033349a16b704839b94b28 - 9ad467a2b2716d4ed12f003b041aa6c776a13ff5
Linux/Linux 3e39acf56ededdebd1033349a16b704839b94b28 - f5486bf8abfe778b368d8fd1aa655dc01d0013ca
Linux/Linux 6.11.11 - 6.11.*
Linux/Linux 6.12.2 - 6.12.*
Linux/Linux 6.13
Linux/Linux 6.9
... and 1 more
Published Dec 28, 2024
Tracked Since Feb 18, 2026