CVE-2024-35943
Severity CVSS v4.0:
Pending analysis
Type:
CWE-476
NULL Pointer Dereference
Publication date:
19/05/2024
Last modified:
03/11/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
pmdomain: ti: Add a null pointer check to the omap_prm_domain_init<br />
<br />
devm_kasprintf() returns a pointer to dynamically allocated memory<br />
which can be NULL upon failure. Ensure the allocation was successful<br />
by checking the pointer validity.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.10.237 (excluding) | |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.181 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.111 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.27 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.8.6 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/04f23510daa40f9010fadf309507564a34ad956f
- https://git.kernel.org/stable/c/5d7f58ee08434a33340f75ac7ac5071eea9673b3
- https://git.kernel.org/stable/c/984212fa6b4bc6d9ed58f5b0838e8d5af7679ce5
- https://git.kernel.org/stable/c/bc08f5ab11b1881b85371f0bd9c9a3d27f65cca8
- https://git.kernel.org/stable/c/ce666cecc09c0f92d5f86d89d8068ecfcf723a7e
- https://git.kernel.org/stable/c/e65f7eb117e1b44742212d65784236269085e736
- https://git.kernel.org/stable/c/04f23510daa40f9010fadf309507564a34ad956f
- https://git.kernel.org/stable/c/5d7f58ee08434a33340f75ac7ac5071eea9673b3
- https://git.kernel.org/stable/c/ce666cecc09c0f92d5f86d89d8068ecfcf723a7e
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html