CVE-2024-58020
Vulnerability Summary
Timeline
Description
In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Add NULL check in mt_input_configured devm_kasprintf() can return a NULL pointer on failure,but this returned value in mt_input_configured() is not checked. Add NULL check in mt_input_configured(), to handle kernel NULL pointer dereference error.
CVSS Metrics
- v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Trends
Current EPSS score: 0.02%• Percentile: 6%
Techniques & Countermeasures
- CWE-476•NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
Affected Systems
- linux•linux
≥ df7ca43fe090e1a56c216c8ebc106ef5fd49afc6, < a04d96ef67a42165f93194eef22a270acba4b74c | ≥ 15ec7cb55e7d88755aa01d44a7a1015a42bfce86, < a6bfd3856e9f3da083f177753c623d58ba935e0a | ≥ dde88ab4e45beb60b217026207aa9c14c88d71ab, < 2052b44cd0a62b6fdbe3371e5ba6029c56c400ca | ≥ 2763732ec1e68910719c75b6b896e11b6d3d622b, < 4e7113f591163d99adc7cbcd7295030c8c5d3fc7 | ≥ 4794394635293a3e74591351fff469cea7ad15a2, < 62f8bf06262b6fc55c58f4c5256140f1382f3b01 | ≥ 4794394635293a3e74591351fff469cea7ad15a2, < aa879ef6d3acf96fa2c7122d0632061d4ea58d48 | ≥ 4794394635293a3e74591351fff469cea7ad15a2, < 97c09cc2e72769edb6994b531edcfa313b96bade | ≥ 4794394635293a3e74591351fff469cea7ad15a2, < 9b8e2220d3a052a690b1d1b23019673e612494c5 | ac0d389402a6ff9ad92cea02c2d8c711483b91ab | 39c70c19456e50dcb3abfe53539220dff0490f1d | 1d7833db9fd118415dace2ca157bfa603dec9c8c | b70ac7849248ec8128fa12f86e3655ba38838f29 | ≥ 5.4.257, < 5.4.291 | ≥ 5.10.195, < 5.10.235 | ≥ 5.15.132, < 5.15.179 | ≥ 6.1.53, < 6.1.129 | ≥ 4.14.326, < 4.15 | ≥ 4.19.295, < 4.20 | ≥ 6.4.16, < 6.5 | ≥ 6.5.3, < 6.6 | 6.6
- linux•linux_kernel
≥ 4.14.326, < 4.15 | ≥ 4.19.295, < 4.20 | ≥ 5.4.257, < 5.5 | ≥ 5.10.195, < 5.11 | ≥ 5.15.132, < 5.16 | ≥ 6.1.53, < 6.1.129 | ≥ 6.4.16, < 6.5 | ≥ 6.5.3, < 6.6.79 | ≥ 6.7, < 6.12.16 | ≥ 6.13, < 6.13.4 | 6.14:rc1 | 6.14:rc2
References (11)
- https://git.kernel.org/stable/c/a04d96ef67a42165f93194eef22a270acba4b74c
- https://git.kernel.org/stable/c/a6bfd3856e9f3da083f177753c623d58ba935e0a
- https://git.kernel.org/stable/c/2052b44cd0a62b6fdbe3371e5ba6029c56c400ca
- https://git.kernel.org/stable/c/4e7113f591163d99adc7cbcd7295030c8c5d3fc7
- https://git.kernel.org/stable/c/62f8bf06262b6fc55c58f4c5256140f1382f3b01
- https://git.kernel.org/stable/c/aa879ef6d3acf96fa2c7122d0632061d4ea58d48
- https://git.kernel.org/stable/c/97c09cc2e72769edb6994b531edcfa313b96bade
- https://git.kernel.org/stable/c/9b8e2220d3a052a690b1d1b23019673e612494c5
- https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html
- https://cert-portal.siemens.com/productcert/html/ssa-265688.html