CVE-2024-38615

Advisory lineage Upstream: 0 Downstream: 36
Modified
Published: 19 Jun 2024, 13:56
Last modified:12 May 2026, 11:55

Vulnerability Summary

Overall Risk (default)
low
22/100
CVSS Score
5.5 MEDIUM
v3.1 (nvd)
EPSS Score
0.03% LOW
0% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

19 Jun 2024, 13:56
Published
Vulnerability first disclosed
12 May 2026, 11:55
Last Modified
Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: cpufreq: exit() callback is optional The exit() callback is optional and shouldn't be called without checking a valid pointer first. Also, we must clear freq_table pointer even if the exit() callback isn't present.

CVSS Metrics

  • v3.1MEDIUMScore: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Trends

Current EPSS score: 0.03% Percentile: 8%

Techniques & Countermeasures

  • CWE-476NULL Pointer Dereference

    The product dereferences a pointer that it expects to be valid but is NULL.

Affected Systems

  • linuxlinux

    ≥ 91a12e91dc39137906d929a4ff6f9c32c59697fa, < 2d730b465e377396d2a09a53524b96b111f7ccb6 | ≥ 91a12e91dc39137906d929a4ff6f9c32c59697fa, < dfc56ff5ec9904c008e9376d90a6d7e2d2bec4d3 | ≥ 91a12e91dc39137906d929a4ff6f9c32c59697fa, < 35db5e76d5e9f752476df5fa0b9018a2398b0378 | ≥ 91a12e91dc39137906d929a4ff6f9c32c59697fa, < 8bc9546805e572ad101681437a49939f28777273 | ≥ 91a12e91dc39137906d929a4ff6f9c32c59697fa, < 3e99f060cfd2e36504d62c9132b453ade5027e1c | ≥ 91a12e91dc39137906d929a4ff6f9c32c59697fa, < ae37ebca325097d773d7bb6ec069123b30772872 | ≥ 91a12e91dc39137906d929a4ff6f9c32c59697fa, < a8204d1b6ff762d2171d365c2c8560285d0a233d | ≥ 91a12e91dc39137906d929a4ff6f9c32c59697fa, < b8f85833c05730d631576008daaa34096bc7f3ce | 5.1

  • linuxlinux_kernel

    ≥ 5.1, < 5.4.278 | ≥ 5.5, < 5.10.219 | ≥ 5.11, < 5.15.161 | ≥ 5.16, < 6.1.93 | ≥ 6.2, < 6.6.33 | ≥ 6.7, < 6.8.12 | ≥ 6.9, < 6.9.3

References (10)