CVE-2024-39466

low-risk
Published 2024-06-25

In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/qcom/lmh: Check for SCM availability at probe Up until now, the necessary scm availability check has not been performed, leading to possible null pointer dereferences (which did happen for me on RB1). Fix that.

Do I need to act?

-
0.03% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.5/10 Medium
LOCAL / LOW complexity

Affected Products (1)

Affected Vendors

Linux

References (10)

Patch https://git.kernel.org/stable/c/0a47ba94ec3d8f782b33e3d970cfcb769b962464
Patch https://git.kernel.org/stable/c/2226b145afa5e13cb60dbe77fb20fb0666a1caf3
Patch https://git.kernel.org/stable/c/560d69c975072974c11434ca6953891e74c1a665
Patch https://git.kernel.org/stable/c/aa1a0807b4a76b44fb6b58a7e9087cd4b18ab41b
Patch https://git.kernel.org/stable/c/d9d3490c48df572edefc0b64655259eefdcbb9be
Patch https://git.kernel.org/stable/c/0a47ba94ec3d8f782b33e3d970cfcb769b962464
Patch https://git.kernel.org/stable/c/2226b145afa5e13cb60dbe77fb20fb0666a1caf3
Patch https://git.kernel.org/stable/c/560d69c975072974c11434ca6953891e74c1a665
Patch https://git.kernel.org/stable/c/aa1a0807b4a76b44fb6b58a7e9087cd4b18ab41b
Patch https://git.kernel.org/stable/c/d9d3490c48df572edefc0b64655259eefdcbb9be
23
/ 100
low-risk
Severity 18/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 5/34 · Minimal