Lucene search

GoogleOSV:CVE-2024-46685

HistorySep 13, 2024 - 6:15 a.m.

CVE-2024-46685

2024-09-1306:15:13

Google

osv.dev

linux kernel

pinctrl

vulnerability

pcs_get_function

null dereference

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

7.1

Confidence

Low

JSON

In the Linux kernel, the following vulnerability has been resolved:

pinctrl: single: fix potential NULL dereference in pcs_get_function()

pinmux_generic_get_function() can return NULL and the pointer ‘function’
was dereferenced without checking against NULL. Add checking of pointer
‘function’ in pcs_get_function().

Found by code review.

References

git.kernel.org/stable/c/0a2bab5ed161318f57134716accba0a30f3af191

git.kernel.org/stable/c/1c38a62f15e595346a1106025722869e87ffe044

git.kernel.org/stable/c/292151af6add3e5ab11b2e9916cffa5f52859a1f

git.kernel.org/stable/c/2cea369a5c2e85ab14ae716da1d1cc6d25c85e11

git.kernel.org/stable/c/4e9436375fcc9bd2a60ee96aba6ed53f7a377d10

git.kernel.org/stable/c/4ed45fe99ec9e3c9478bd634624cd05a57d002f7

git.kernel.org/stable/c/6341c2856785dca7006820b127278058a180c075

git.kernel.org/stable/c/8f0bd526921b6867c2f10a83cd4fd14139adcd92

security-tracker.debian.org/tracker/CVE-2024-46685

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

7.1

Confidence

Low

JSON

Related for OSV:CVE-2024-46685