CVE-2024-35984

CVSS v3.1 5.5 (Medium)

EPSS 0.04 % (5^th)

Affected Products 1

Advisories 28

NVD Status Modified

In the Linux kernel, the following vulnerability has been resolved:

i2c: smbus: fix NULL function pointer dereference

Baruch reported an OOPS when using the designware controller as target
only. Target-only modes break the assumption of one transfer function
always being available. Fix this by always checking the pointer in
__i2c_transfer.

[wsa: dropped the simplification in core-smbus to avoid theoretical regressions]

Weaknesses

CWE-476: NULL Pointer Dereference

CVE Status: PUBLISHED
NVD Status: Modified
CNA: kernel.org
Published Date: 2024-05-20 10:15:12
(3 months ago)
Updated Date: 2024-06-27 12:15:27
(2 months ago)

Affected Products

Linux

Linux Kernel

Configuration #1

	CPE23	From	Up To
Linux Kernel from 3.19 version and prior 4.19.313 version	cpe:2.3:o:linux:linux_kernel	>= 3.19	< 4.19.313
Linux Kernel from 4.20 version and prior 5.4.275 version	cpe:2.3:o:linux:linux_kernel	>= 4.20	< 5.4.275
Linux Kernel from 5.5 version and prior 5.10.216 version	cpe:2.3:o:linux:linux_kernel	>= 5.5	< 5.10.216
Linux Kernel from 5.11 version and prior 5.15.158 version	cpe:2.3:o:linux:linux_kernel	>= 5.11	< 5.15.158
Linux Kernel from 5.16 version and prior 6.1.90 version	cpe:2.3:o:linux:linux_kernel	>= 5.16	< 6.1.90
Linux Kernel from 6.2 version and prior 6.6.30 version	cpe:2.3:o:linux:linux_kernel	>= 6.2	< 6.6.30
Linux Kernel from 6.7 version and prior 6.8.9 version	cpe:2.3:o:linux:linux_kernel	>= 6.7	< 6.8.9