CVE-2024-50117NULL Pointer Dereference in Linux

CWE-476NULL Pointer Dereference96 documents7 sources
Severity
5.5MEDIUMNVD
OSV8.8OSV7.8OSV6.7OSV6.3OSV4.7
EPSS
0.0%
top 97.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
10
LinuxLinux KernelDebian Linux+7 more
Timeline
PublishedNov 5
Latest updateMay 28

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Guard against bad data for ATIF ACPI method If a BIOS provides bad data in response to an ATIF method call this causes a NULL pointer dereference in the caller. ``` ? show_regs (arch/x86/kernel/dumpstack.c:478 (discriminator 1)) ? __die (arch/x86/kernel/dumpstack.c:423 arch/x86/kernel/dumpstack.c:434) ? page_fault_oops (arch/x86/mm/fault.c:544 (discriminator 2) arch/x86/mm/fault.c:705 (discriminator 2)) ? do_user_add

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages12 packages

NVDlinux/linux_kernel4.24.19.323+7
Debianlinux/linux_kernel< 5.10.234-1+3
Ubuntulinux/linux_kernel< 5.4.0-208.228+5

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

47
OSV
linux-raspi-5.4 vulnerabilities2025-05-28
OSV
linux-raspi vulnerabilities2025-05-28
OSV
linux-raspi vulnerabilities2025-05-26
OSV
linux-raspi-realtime vulnerabilities2025-05-20
OSV
linux-azure-nvidia vulnerabilities2025-04-28

📋Vendor Advisories

48
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities2025-05-28
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities2025-05-28
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities2025-05-26
Ubuntu
Linux kernel (Raspberry Pi Real-time) vulnerabilities2025-05-20
Ubuntu
Linux kernel (Azure, N-Series) vulnerabilities2025-04-28
CVE-2024-50117 — NULL Pointer Dereference in Linux | cvebase