CVE-2024-46685

pinctrl: single: fix potential NULL dereference in pcs_get_function()

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

pinctrl: single: fix potential NULL dereference in pcs_get_function()

pinmux_generic_get_function() can return NULL and the pointer 'function'
was dereferenced without checking against NULL. Add checking of pointer
'function' in pcs_get_function().

Found by code review.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-09-11 CVE Reserved
2024-09-13 CVE Published
2024-09-15 EPSS Updated
2024-11-05 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (9)

URL	Tag	Source
https://git.kernel.org/stable/c/571aec4df5b72a80f80d1e524da8fbd7ff525c98	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/0a2bab5ed161318f57134716accba0a30f3af191	2024-09-04
https://git.kernel.org/stable/c/2cea369a5c2e85ab14ae716da1d1cc6d25c85e11	2024-09-04
https://git.kernel.org/stable/c/4e9436375fcc9bd2a60ee96aba6ed53f7a377d10	2024-09-04
https://git.kernel.org/stable/c/6341c2856785dca7006820b127278058a180c075	2024-09-04
https://git.kernel.org/stable/c/8f0bd526921b6867c2f10a83cd4fd14139adcd92	2024-09-04
https://git.kernel.org/stable/c/4ed45fe99ec9e3c9478bd634624cd05a57d002f7	2024-09-04
https://git.kernel.org/stable/c/292151af6add3e5ab11b2e9916cffa5f52859a1f	2024-09-04
https://git.kernel.org/stable/c/1c38a62f15e595346a1106025722869e87ffe044	2024-08-23

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 4.19.321 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 4.19.321"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 5.4.283 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 5.4.283"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 5.10.225 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 5.10.225"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 5.15.166 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 5.15.166"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 6.1.108 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 6.1.108"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 6.6.49 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 6.6.49"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 6.10.8 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 6.10.8"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.11 < 6.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.11 < 6.11"		en		Affected