CVE-2024-27051
Vulnerability Summary
Timeline
Description
In the Linux kernel, the following vulnerability has been resolved: cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value cpufreq_cpu_get may return NULL. To avoid NULL-dereference check it and return 0 in case of error. Found by Linux Verification Center (linuxtesting.org) with SVACE.
CVSS Metrics
- v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Trends
Current EPSS score: 0.01%• Percentile: 1%
Techniques & Countermeasures
- CWE-476•NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
Affected Systems
- linux•linux
≥ de322e085995b9417582d6f72229dadb5c09d163, < 9127599c075caff234359950117018a010dd01db | ≥ de322e085995b9417582d6f72229dadb5c09d163, < d951cf510fb0df91d3abac0121a59ebbc63c0567 | ≥ de322e085995b9417582d6f72229dadb5c09d163, < e72160cb6e23b78b41999d6885a34ce8db536095 | ≥ de322e085995b9417582d6f72229dadb5c09d163, < b25b64a241d769e932a022e5c780cf135ef56035 | ≥ de322e085995b9417582d6f72229dadb5c09d163, < 74b84d0d71180330efe67c82f973a87f828323e5 | ≥ de322e085995b9417582d6f72229dadb5c09d163, < e6e3e51ffba0784782b1a076d7441605697ea3c6 | ≥ de322e085995b9417582d6f72229dadb5c09d163, < f661017e6d326ee187db24194cabb013d81bc2a6 | 4.10
- linux•linux_kernel
≥ 4.10, < 5.10.214 | ≥ 5.11, < 5.15.153 | ≥ 5.16, < 6.1.83 | ≥ 6.2, < 6.6.23 | ≥ 6.7, < 6.7.11 | ≥ 6.8, < 6.8.2
References (8)
- https://git.kernel.org/stable/c/9127599c075caff234359950117018a010dd01db
- https://git.kernel.org/stable/c/d951cf510fb0df91d3abac0121a59ebbc63c0567
- https://git.kernel.org/stable/c/e72160cb6e23b78b41999d6885a34ce8db536095
- https://git.kernel.org/stable/c/b25b64a241d769e932a022e5c780cf135ef56035
- https://git.kernel.org/stable/c/74b84d0d71180330efe67c82f973a87f828323e5
- https://git.kernel.org/stable/c/e6e3e51ffba0784782b1a076d7441605697ea3c6
- https://git.kernel.org/stable/c/f661017e6d326ee187db24194cabb013d81bc2a6
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html