CVE-2024-56689

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-56689
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-56689.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-56689
Downstream
Related
Published
2024-12-28T09:46:15.587Z
Modified
2025-11-28T02:34:40.470722Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
PCI: endpoint: epf-mhi: Avoid NULL dereference if DT lacks 'mmio'
Details

In the Linux kernel, the following vulnerability has been resolved:

PCI: endpoint: epf-mhi: Avoid NULL dereference if DT lacks 'mmio'

If platformgetresource_byname() fails and returns NULL because DT lacks an 'mmio' property for the MHI endpoint, dereferencing res->start will cause a NULL pointer access. Add a check to prevent it.

[kwilczynski: error message update per the review feedback] [bhelgaas: commit log]

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56689.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1bf5f25324f7f6a52c3eb566ec5f78f6a901db96
Fixed
242ee2b0ad9b23f47084904fce3f9f228068a1f9
Fixed
c8b9d6b7d62a444e0bca5b9ae28f9f2b0f52feef
Fixed
0e6d92e3b973de78eb7015154cf1197af9fac5c9
Fixed
5089b3d874e9933d9842e90410d3af1520494757

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.5.0
Fixed
6.6.64
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.11.11
Type
ECOSYSTEM
Events
Introduced
6.12.0
Fixed
6.12.2