ГлавнаяУязвимости → CVE-2024-38573
7.5высокая

CVE-2024-38573

→ есть в БДУ: BDU:2024-10732 (на русском)
Описание (на английском; русское — в БДУ выше)

In the Linux kernel, the following vulnerability has been resolved: cppc_cpufreq: Fix possible null pointer dereference cppc_cpufreq_get_rate() and hisi_cppc_cpufreq_get_rate() can be called from different places with various parameters. So cpufreq_cpu_get() can return null as 'policy' in some circumstances. Fix this bug by adding null return check. Found by Linux Verification Center (linuxtesting.org) with SVACE.

Затрагиваемое ПО
Linux Linux kernel
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Источники
https://git.kernel.org/stable/c/769c4f355b7962895205b86ad35617873feef9a5https://git.kernel.org/stable/c/9a185cc5a79ba408e1c73375706630662304f618https://git.kernel.org/stable/c/b18daa4ec727c0266de5bfc78e818d168cc4aedfhttps://git.kernel.org/stable/c/cf7de25878a1f4508c69dc9f6819c21ba177dbfehttps://git.kernel.org/stable/c/dfec15222529d22b15e5b0d63572a9e39570cab4https://git.kernel.org/stable/c/f84b9b25d045e67a7eee5e73f21278c8ab06713chttps://git.kernel.org/stable/c/769c4f355b7962895205b86ad35617873feef9a5https://git.kernel.org/stable/c/9a185cc5a79ba408e1c73375706630662304f618