CVE-2024-26771 : In the Linux kernel, the following vulnerability has been resolved: dmaengine:

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: edma: Add some null pointer checks to the edma_probe devm_kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the pointer validity.

Published 2024-04-03 17:15:53

Updated 2025-01-27 14:59:27

Source Linux

View at NVD, CVE.org

Products affected by CVE-2024-26771

Debian » Debian Linux » Version: 10.0
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 6.7 and before (<) 6.7.7
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 6.2 and before (<) 6.6.19
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.16 and before (<) 6.1.80
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.11 and before (<) 5.15.150
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions before (<) 5.10.211
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 6.8 Update RC1
cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 6.8 Update RC2
cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2024-26771

EPSS FAQ

0.07%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 20 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2024-26771

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H	1.8	3.6	NIST	2025-01-27
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2024-26771

CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2024-26771

https://git.kernel.org/stable/c/9d508c897153ae8dd79303f7f035f078139f6b49

dmaengine: ti: edma: Add some null pointer checks to the edma_probe - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/c432094aa7c9970f2fa10d2305d550d3810657ce

dmaengine: ti: edma: Add some null pointer checks to the edma_probe - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/f2a5e30d1e9a629de6179fa23923a318d5feb29e

dmaengine: ti: edma: Add some null pointer checks to the edma_probe - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/6e2276203ac9ff10fc76917ec9813c660f627369

dmaengine: ti: edma: Add some null pointer checks to the edma_probe - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/7b24760f3a3c7ae1a176d343136b6c25174b7b27

dmaengine: ti: edma: Add some null pointer checks to the edma_probe - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/4fe4e5adc7d29d214c59b59f61db73dec505ca3d

dmaengine: ti: edma: Add some null pointer checks to the edma_probe - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

[SECURITY] [DLA 3842-1] linux-5.10 security update
Mailing List

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2024-26771

Products affected by CVE-2024-26771

Exploit prediction scoring system (EPSS) score for CVE-2024-26771

CVSS scores for CVE-2024-26771

CWE ids for CVE-2024-26771

References for CVE-2024-26771