CVE-2024-50160

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-50160
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50160.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-50160
Downstream
Related
Published
2024-11-07T09:31:37.095Z
Modified
2026-03-11T07:49:17.703608Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
ALSA: hda/cs8409: Fix possible NULL dereference
Details

In the Linux kernel, the following vulnerability has been resolved:

ALSA: hda/cs8409: Fix possible NULL dereference

If sndhdagenaddkctl fails to allocate memory and returns NULL, then NULL pointer dereference will occur in the next line.

Since dolphinfixups function is a hdafixup function which is not supposed to return any errors, add simple check before dereference, ignore the fail.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/50xxx/CVE-2024-50160.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
20e507724113300794f16884e7e7507d9b4dec68
Fixed
4e19aca8db696b6ba4dd8c73657405e15c695f14
Fixed
21dc97d5086fdabbe278786bb0a03cbf2e26c793
Fixed
8971fd61210d75fd2af225621cd2fcc87eb1847c
Fixed
a5dd71a8b849626f42d08a5e73d382f2016fc7bc
Fixed
c9bd4a82b4ed32c6d1c90500a52063e6e341517f

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50160.json"