CVE-2024-50070
10/29/2024 1:15:00 AM
2 ماه قبل
2 ماه قبل
7
Reporter :cve@kernel.org
Modified :10/29/2024 1:15:00 AM
Problem Data :CWE-476
Description
In the Linux kernel, the following vulnerability has been resolved: pinctrl: stm32: check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value. Found by code review.
Cvss Version 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
| Attack Vector | Local |
| Attack Complexity | Low |
| Privileges Required | Low |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality Impact | None |
| Integrity Impact | None |
| Availability Impact | High |