CVE-2024-57799

MEDIUM EPSS 6.6%
Published Jan 11, 20251y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Jan 11, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: phy: rockchip: samsung-hdptx: Set drvdata before enabling runtime PM In some cases, rk_hdptx_phy_runtime_resume() may be invoked before platform_set_drvdata() is executed in ->probe(), leading to a NULL pointer dereference when using the return of dev_get_drvdata(). Ensure platform_set_drvdata() is called before devm_pm_runtime_enable().

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
6.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 5

VendorProductVersionRange
linuxlinux_kernel*≥6.9  –  <6.12.8
linuxlinux_kernel6.13any
linuxlinux_kernel6.13any
linuxlinux_kernel6.13any
linuxlinux_kernel6.13any

References 2

  • git.kernel.org https://git.kernel.org/stable/c/7061849a4a1752a06944a819dd1f7bfd58df7383
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9d23e48654620fdccfcc74cc2cef04eaf7353d07
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/7061849a4a1752a06944a819dd1f7bfd58df7383
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9d23e48654620fdccfcc74cc2cef04eaf7353d07
    Patch