1. Home
  2. Vulnerabilities
  3. CVE-2024-38551

CVE-2024-38551

CVSS v3.1 5.5 (Medium)
55% Progress
EPSS 0.04 % (5th)
0.04% Progress
Affected Products 1
Advisories 8
NVD Status Analyzed
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

In the Linux kernel, the following vulnerability has been resolved:

ASoC: mediatek: Assign dummy when codec not specified for a DAI link

MediaTek sound card drivers are checking whether a DAI link is present
and used on a board to assign the correct parameters and this is done
by checking the codec DAI names at probe time.

If no real codec is present, assign the dummy codec to the DAI link
to avoid NULL pointer during string comparison.

Weaknesses
CWE-476
NULL Pointer Dereference
CVE Status
PUBLISHED
NVD Status
Analyzed
CNA
kernel.org
Published Date
2024-06-19 14:15:15
(2 months ago)
Updated Date
2024-08-27 19:54:39
(2 weeks ago)

Affected Products

Linux

Configuration #1

    CPE23 From Up To
  Linux Kernel from 6.3 version and prior 6.6.33 version cpe:2.3:o:linux:linux_kernel >= 6.3 < 6.6.33
  Linux Kernel from 6.7 version and prior 6.8.12 version cpe:2.3:o:linux:linux_kernel >= 6.7 < 6.8.12
  Linux Kernel from 6.9 version and prior 6.9.3 version cpe:2.3:o:linux:linux_kernel >= 6.9 < 6.9.3