CVE-2024-58021

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-58021
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-58021.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-58021
Downstream
Related
Published
2025-02-27T02:18:10Z
Modified
2025-10-17T20:17:42.335695Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
HID: winwing: Add NULL check in winwing_init_led()
Details

In the Linux kernel, the following vulnerability has been resolved:

HID: winwing: Add NULL check in winwinginitled()

devmkasprintf() can return a NULL pointer on failure,but this returned value in winwinginitled() is not checked. Add NULL check in winwinginit_led(), to handle kernel NULL pointer dereference error.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
266c990debad2f9589c7a412e897a8e312b09766
Fixed
b99dbdee8a89c44d03ae9830ab19f31e124a3f32
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
266c990debad2f9589c7a412e897a8e312b09766
Fixed
4001f6f79183b8868d80dd2036dfb4ea3d325e8f
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
266c990debad2f9589c7a412e897a8e312b09766
Fixed
45ab5166a82d038c898985b0ad43ead69c1f9573

Affected versions

v6.*

v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.15
v6.12.2
v6.12.3
v6.12.4
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.13.1
v6.13.2
v6.13.3
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7

Database specific

vanir_signatures

[
    {
        "signature_type": "Function",
        "id": "CVE-2024-58021-2386e8b3",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b99dbdee8a89c44d03ae9830ab19f31e124a3f32",
        "signature_version": "v1",
        "target": {
            "function": "winwing_init_led",
            "file": "drivers/hid/hid-winwing.c"
        },
        "digest": {
            "function_hash": "114955504032866397847333805665285040478",
            "length": 922.0
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2024-58021-41b27a4b",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@45ab5166a82d038c898985b0ad43ead69c1f9573",
        "signature_version": "v1",
        "target": {
            "file": "drivers/hid/hid-winwing.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "181729797647977691807767213421198541246",
                "53159197407375639436677449980945942874",
                "290882176714131349329703585323563252174",
                "193086350233071651822872085428761632240"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2024-58021-4596b980",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4001f6f79183b8868d80dd2036dfb4ea3d325e8f",
        "signature_version": "v1",
        "target": {
            "file": "drivers/hid/hid-winwing.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "181729797647977691807767213421198541246",
                "53159197407375639436677449980945942874",
                "290882176714131349329703585323563252174",
                "193086350233071651822872085428761632240"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2024-58021-9a334ddc",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b99dbdee8a89c44d03ae9830ab19f31e124a3f32",
        "signature_version": "v1",
        "target": {
            "file": "drivers/hid/hid-winwing.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "181729797647977691807767213421198541246",
                "53159197407375639436677449980945942874",
                "290882176714131349329703585323563252174",
                "193086350233071651822872085428761632240"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "id": "CVE-2024-58021-de76ea0c",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4001f6f79183b8868d80dd2036dfb4ea3d325e8f",
        "signature_version": "v1",
        "target": {
            "function": "winwing_init_led",
            "file": "drivers/hid/hid-winwing.c"
        },
        "digest": {
            "function_hash": "114955504032866397847333805665285040478",
            "length": 922.0
        },
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "id": "CVE-2024-58021-e06561ab",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@45ab5166a82d038c898985b0ad43ead69c1f9573",
        "signature_version": "v1",
        "target": {
            "function": "winwing_init_led",
            "file": "drivers/hid/hid-winwing.c"
        },
        "digest": {
            "function_hash": "114955504032866397847333805665285040478",
            "length": 922.0
        },
        "deprecated": false
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.10.0
Fixed
6.12.16
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.13.4