Intel SPI Vulnerability: Unchecked Return Value in devm_kasprintf()

CVE-2024-46769

Currently unrated 🤨

Key Information

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 18 September 2024

Summary

In the Linux kernel, the following vulnerability has been resolved: spi: intel: Add check devm_kasprintf() returned value intel_spi_populate_chip() use devm_kasprintf() to set pdata->name. This can return a NULL pointer on failure but this returned value is not checked.

Affected Version(s)

Linux < 6e68abdc5d67

Linux < 2920294686ec

Linux <= 6.9

Timeline

Vulnerability published.
Sep 18, 2024
Vulnerability Reserved.
Sep 11, 2024

Collectors

NVD DatabaseMitre Database