CVE-2024-58011

MEDIUM EPSS 9.6%
Published Feb 27, 20251y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Feb 27, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: platform/x86: int3472: Check for adev == NULL Not all devices have an ACPI companion fwnode, so adev might be NULL. This can e.g. (theoretically) happen when a user manually binds one of the int3472 drivers to another i2c/platform device through sysfs. Add a check for adev not being set and return -ENODEV in that case to avoid a possible NULL pointer deref in skl_int3472_get_acpi_buffer().

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
9.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 4

VendorProductVersionRange
linuxlinux_kernel* <6.1.129
linuxlinux_kernel*≥6.2  –  <6.6.78
linuxlinux_kernel*≥6.7  –  <6.12.14
linuxlinux_kernel*≥6.13  –  <6.13.3

References 7

  • git.kernel.org https://git.kernel.org/stable/c/0a30353beca2693d30bde477024d755ffecea514
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/46263a0b687a044e645387a9c7692ccd693f09f1
  • git.kernel.org https://git.kernel.org/stable/c/4f8b210823cc2d1f9d967f089a6c00d025bb237f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a808ecf878ad646ebc9c83d9fc4ce72fd9c49d3d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cd2fd6eab480dfc247b737cf7a3d6b009c4d0f1c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f9c7cc44758f4930b41285a6d54afa8cbd9762b4
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/0a30353beca2693d30bde477024d755ffecea514
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4f8b210823cc2d1f9d967f089a6c00d025bb237f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a808ecf878ad646ebc9c83d9fc4ce72fd9c49d3d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cd2fd6eab480dfc247b737cf7a3d6b009c4d0f1c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f9c7cc44758f4930b41285a6d54afa8cbd9762b4
    Patch