Vulnerabilities > CVE-2024-57978 - NULL Pointer Dereference vulnerability in Linux Kernel
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Fix potential error pointer dereference in detach_pm() The proble is on the first line: if (jpeg->pd_dev[i] && !pm_runtime_suspended(jpeg->pd_dev[i])) If jpeg->pd_dev[i] is an error pointer, then passing it to pm_runtime_suspended() will lead to an Oops. The other conditions check for both error pointers and NULL, but it would be more clear to use the IS_ERR_OR_NULL() check for that.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 6 |
Common Weakness Enumeration (CWE)
References
- https://git.kernel.org/stable/c/1378ffec30367233152b7dbf4fa6a25ee98585d1
- https://git.kernel.org/stable/c/1b2af918bb714937a8be6cb637f528585461cd98
- https://git.kernel.org/stable/c/6e601a64f7777e2f78c02db1a8b5ba3b7c5e9e31
- https://git.kernel.org/stable/c/f0b8535a7885ed4fd0b11625addb5476cae0f845
- https://git.kernel.org/stable/c/fde89fe11b44500bfcb2d405825b69a5df805d19