CVE-2024-42089

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-42089
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-42089.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-42089
Downstream
Related
Published
2024-07-29T16:26:29.288Z
Modified
2026-05-15T11:54:30.043821622Z
Summary
ASoC: fsl-asoc-card: set priv->pdev before using it
Details

In the Linux kernel, the following vulnerability has been resolved:

ASoC: fsl-asoc-card: set priv->pdev before using it

priv->pdev pointer was set after being used in fslasoccardaudmuxinit(). Move this assignment at the start of the probe function, so sub-functions can correctly use pdev through priv.

fslasoccardaudmuxinit() dereferences priv->pdev to get access to the dev struct, used with dev_err macros. As priv is zero-initialised, there would be a NULL pointer dereference. Note that if priv->dev is dereferenced before assignment but never used, for example if there is no error to be printed, the driver won't crash probably due to compiler optimisations.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/42xxx/CVE-2024-42089.json"
}
References

Affected packages

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
3.18.0
Fixed
4.19.317
Type
ECOSYSTEM
Events
Introduced
4.20.0
Fixed
5.4.279
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.221
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.162
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.97
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.37
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.9.8

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-42089.json"