CVE-2024-50160 Information

Nov 08, 2024 cve

Description

In the Linux kernel the following vulnerability has been resolved:

ALSA: hda/cs8409: Fix possible NULL dereference

If snd_hda_gen_add_kctl fails to allocate memory and returns NULL then NULL pointer dereference will occur in the next line.

Since dolphin_fixups function is a hda_fixup function which is not supposed to return any errors add simple check before dereference ignore the fail.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Reference

https://git.kernel.org/stable/c/4e19aca8db696b6ba4dd8c73657405e15c695f14 https://git.kernel.org/stable/c/21dc97d5086fdabbe278786bb0a03cbf2e26c793 https://git.kernel.org/stable/c/8971fd61210d75fd2af225621cd2fcc87eb1847c https://git.kernel.org/stable/c/a5dd71a8b849626f42d08a5e73d382f2016fc7bc https://git.kernel.org/stable/c/c9bd4a82b4ed32c6d1c90500a52063e6e341517f

Share on: