CVE-2024-56767 — NULL Pointer Dereference in Linux

CWE-476 — NULL Pointer Dereference96 documents6 sources

Severity

5.5MEDIUMNVD

OSV7.8OSV7.1OSV6.2

EPSS

0.0%

top 97.63%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux +1 more

Timeline

PublishedJan 6

Latest updateDec 16

Description

In the Linux kernel, the following vulnerability has been resolved: dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset The at_xdmac_memset_create_desc may return NULL, which will lead to a null pointer dereference. For example, the len input is error, or the atchan->free_descs_list is empty and memory is exhausted. Therefore, add check to avoid this.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages6 packages

▶NVDlinux/linux_kernel4.2 — 6.1.123+3

▶Debianlinux/linux_kernel< 5.10.234-1+3

▶Ubuntulinux/linux_kernel< 5.4.0-211.231+4

▶CVEListV5linux/linuxb206d9a23ac71cb905f5fb6e0cd813406f89b678 — 3d229600c54e9e0909080ecaf1aab0642aefa5f0+7

▶debiandebian/linux< linux 6.1.123-1 (bookworm)

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

OSV

linux-azure-fips vulnerabilities↗2025-12-16

▶

OSV

linux-oracle vulnerabilities↗2025-11-19

▶

OSV

linux-fips vulnerabilities↗2025-11-10

▶

OSV

linux-azure, linux-azure-4.15 vulnerabilities↗2025-11-07

▶

OSV

linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities↗2025-11-06

▶

📋Vendor Advisories

Ubuntu

Linux kernel (Azure FIPS) vulnerabilities↗2025-12-16

▶

Ubuntu

Linux kernel (Oracle) vulnerabilities↗2025-11-19

▶

Ubuntu

Linux kernel (FIPS) vulnerabilities↗2025-11-10

▶

Ubuntu

Linux kernel (Azure) vulnerabilities↗2025-11-07

▶

Ubuntu

Linux kernel vulnerabilities↗2025-11-06

▶