CVE-2024-50103

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe() A devm_kzalloc() in asoc_qcom_lpass_cpu_platform_probe() could possibly return NULL pointer. NULL Pointer Dereference may be triggerred without addtional check. Add a NULL check for the returned pointer.

CVSS Metrics

• v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Trends

Current EPSS score: 0.01%• Percentile: 2%

Techniques & Countermeasures

• CWE-476•NULL Pointer Dereference

  The product dereferences a pointer that it expects to be valid but is NULL.

Affected Systems

• linux•linux

  ≥ b5022a36d28f6a99c1a57f54246e8b566cf094d5, < 03c9c2c2d2d0fe203dfe8f56bedbcf04e303d7c4 | ≥ b5022a36d28f6a99c1a57f54246e8b566cf094d5, < a8e691fe1894c8bdf815a6171ee22ae7da8b18aa | ≥ b5022a36d28f6a99c1a57f54246e8b566cf094d5, < e19bf49e903337641fc230d430d49813e3199902 | ≥ b5022a36d28f6a99c1a57f54246e8b566cf094d5, < 73cc3f905ca9aa95694eea3dfa1acadc90686368 | ≥ b5022a36d28f6a99c1a57f54246e8b566cf094d5, < 1e235d02d803660777ec911a2c467ae41f8539f5 | ≥ b5022a36d28f6a99c1a57f54246e8b566cf094d5, < 49da1463c9e3d2082276c3e0e2a8b65a88711cd2 | 5.10

• linux•linux_kernel

  ≥ 5.10, < 5.15.170 | ≥ 5.16, < 6.1.115 | ≥ 6.2, < 6.6.59 | ≥ 6.7, < 6.11.6 | 6.12:rc1 | 6.12:rc2 | 6.12:rc3 | 6.12:rc4

References (8)

• https://git.kernel.org/stable/c/03c9c2c2d2d0fe203dfe8f56bedbcf04e303d7c4
• https://git.kernel.org/stable/c/a8e691fe1894c8bdf815a6171ee22ae7da8b18aa
• https://git.kernel.org/stable/c/e19bf49e903337641fc230d430d49813e3199902
• https://git.kernel.org/stable/c/73cc3f905ca9aa95694eea3dfa1acadc90686368
• https://git.kernel.org/stable/c/1e235d02d803660777ec911a2c467ae41f8539f5
• https://git.kernel.org/stable/c/49da1463c9e3d2082276c3e0e2a8b65a88711cd2
• https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
• https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html