CVE-2024-56767 Information
Jan 08, 2025
cve
Description
In the Linux kernel the following vulnerability has been resolved:
dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset
The at_xdmac_memset_create_desc may return NULL which will lead to a null pointer dereference. For example the len input is error or the atchan->free_descs_list is empty and memory is exhausted. Therefore add check to avoid this.
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Reference
https://git.kernel.org/stable/c/54376d8d26596f98ed7432a788314bb9154bf3e3 https://git.kernel.org/stable/c/c43ec96e8d34399bd9dab2f2dc316b904892133f https://git.kernel.org/stable/c/e658f1c133b854b2ae799147301d82dddb8f3162 https://git.kernel.org/stable/c/fdba6d5e455388377ec7e82a5913ddfcc7edd93b
Attack Complexity
LOW
Privileges Required
LOW
User Interaction Required
LOW
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
NONE
Availability Impact
NONE
Base Score
HIGH
Base Severity
5.5
Share on: