CVE-2024-38550

low-risk
Published 2024-06-19

In the Linux kernel, the following vulnerability has been resolved: ASoC: kirkwood: Fix potential NULL dereference In kirkwood_dma_hw_params() mv_mbus_dram_info() returns NULL if CONFIG_PLAT_ORION macro is not defined. Fix this bug by adding NULL check. Found by Linux Verification Center (linuxtesting.org) with SVACE.

Do I need to act?

-
0.02% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
4
CVSS 4.4/10 Medium
LOCAL / LOW complexity

Affected Products (1)

Affected Vendors

Linux

References (12)

Patch https://git.kernel.org/stable/c/1a7254525ca7a6f3e37d7882d7f7ad97f6235f7c
Patch https://git.kernel.org/stable/c/5bf5154739cd676b6d0958079070557c8d96afb6
Patch https://git.kernel.org/stable/c/802b49e39da669b54bd9b77dc3c649999a446bf6
Patch https://git.kernel.org/stable/c/d48d0c5fd733bd6d8d3ddb2ed553777ab4724169
Patch https://git.kernel.org/stable/c/de9987cec6fde1dd41dfcb971433e05945852489
Patch https://git.kernel.org/stable/c/ea60ab95723f5738e7737b56dda95e6feefa5b50
Patch https://git.kernel.org/stable/c/1a7254525ca7a6f3e37d7882d7f7ad97f6235f7c
Patch https://git.kernel.org/stable/c/5bf5154739cd676b6d0958079070557c8d96afb6
Patch https://git.kernel.org/stable/c/802b49e39da669b54bd9b77dc3c649999a446bf6
Patch https://git.kernel.org/stable/c/d48d0c5fd733bd6d8d3ddb2ed553777ab4724169
Patch https://git.kernel.org/stable/c/de9987cec6fde1dd41dfcb971433e05945852489
Patch https://git.kernel.org/stable/c/ea60ab95723f5738e7737b56dda95e6feefa5b50
20
/ 100
low-risk
Severity 15/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 5/34 · Minimal