CVE-2024-58011

Not all devices have an ACPI companion fwnode, so adev might be NULL. This can e.g. (theoretically) happen when a user manually binds one of the int3472 drivers to another i2c/platform device through sysfs.

Add a check for adev not being set and return -ENODEV in that case to avoid a possible NULL pointer deref in sklint3472getacpibuffer().

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/58xxx/CVE-2024-58011.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

5de691bffe57fd0fc2b4dcdcf13815c56d11db10

Fixed

46263a0b687a044e645387a9c7692ccd693f09f1

Fixed

4f8b210823cc2d1f9d967f089a6c00d025bb237f

Fixed

f9c7cc44758f4930b41285a6d54afa8cbd9762b4

Fixed

0a30353beca2693d30bde477024d755ffecea514

Fixed

a808ecf878ad646ebc9c83d9fc4ce72fd9c49d3d

Fixed

cd2fd6eab480dfc247b737cf7a3d6b009c4d0f1c

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-58011.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.14.0

Fixed

5.15.195

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.129

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.78

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.14

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.13.3

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-58011.json"