CVE-2024-46685

MEDIUM EPSS 17.0%
Published Sep 13, 20241y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Sep 13, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference in pcs_get_function() pinmux_generic_get_function() can return NULL and the pointer 'function' was dereferenced without checking against NULL. Add checking of pointer 'function' in pcs_get_function(). Found by code review.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
17.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 12

VendorProductVersionRange
linuxlinux_kernel*≥4.11  –  <4.19.321
linuxlinux_kernel*≥4.20  –  <5.4.283
linuxlinux_kernel*≥5.5  –  <5.10.225
linuxlinux_kernel*≥5.11  –  <5.15.166
linuxlinux_kernel*≥5.16  –  <6.1.108
linuxlinux_kernel*≥6.2  –  <6.6.49
linuxlinux_kernel*≥6.7  –  <6.10.8
linuxlinux_kernel6.11any
linuxlinux_kernel6.11any
linuxlinux_kernel6.11any
linuxlinux_kernel6.11any
linuxlinux_kernel6.11any

References 10

  • git.kernel.org https://git.kernel.org/stable/c/0a2bab5ed161318f57134716accba0a30f3af191
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1c38a62f15e595346a1106025722869e87ffe044
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/292151af6add3e5ab11b2e9916cffa5f52859a1f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2cea369a5c2e85ab14ae716da1d1cc6d25c85e11
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4e9436375fcc9bd2a60ee96aba6ed53f7a377d10
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4ed45fe99ec9e3c9478bd634624cd05a57d002f7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6341c2856785dca7006820b127278058a180c075
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8f0bd526921b6867c2f10a83cd4fd14139adcd92
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/0a2bab5ed161318f57134716accba0a30f3af191
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1c38a62f15e595346a1106025722869e87ffe044
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/292151af6add3e5ab11b2e9916cffa5f52859a1f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2cea369a5c2e85ab14ae716da1d1cc6d25c85e11
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4e9436375fcc9bd2a60ee96aba6ed53f7a377d10
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4ed45fe99ec9e3c9478bd634624cd05a57d002f7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6341c2856785dca7006820b127278058a180c075
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8f0bd526921b6867c2f10a83cd4fd14139adcd92
    Patch