← Voltar para CVEs
CVE-2024-50069
MEDIUM5.5
Descricao
In the Linux kernel, the following vulnerability has been resolved: pinctrl: apple: check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value. Found by code review.
Detalhes CVE
Pontuacao CVSS v3.15.5
SeveridadeMEDIUM
Vetor CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Vetor de ataqueLOCAL
ComplexidadeLOW
Privilegios necessariosLOW
Interacao do usuarioNONE
Publicado10/29/2024
Ultima modificacao11/3/2025
Fontenvd
Avistamentos honeypot0
Produtos afetados
linux:linux_kernel
Fraquezas (CWE)
CWE-476CWE-476
Referencias
https://git.kernel.org/stable/c/0a4d4dbef622ac8796a6665e0080da2685f9220a(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/4d2296fb7c80fdc9925d29a8e85d617cad08731a(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/665a58fe663ac7a9ea618dc0b29881649324b116(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/fad940e2dd789155f99ecafa71a7baf6f96530bc(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.