Linux Kernel Error Pointer Dereference in IMX JPEG Driver
CVE-2024-57978

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 February 2025

What is CVE-2024-57978?

A vulnerability exists in the IMX JPEG driver of the Linux kernel, where the code may dereference an error pointer. Specifically, the check for the pointer involves determining if it is not NULL and not an error pointer before passing it to the pm_runtime_suspended() function. If an error pointer is erroneously passed, it can lead to system instability, manifesting as an Oops. The fix involves using IS_ERR_OR_NULL() to clearly verify both cases, thus preventing the potential dereference issue.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux f3c4e088ec01cae45931a18ddf7cae0f4d72e1c5

Linux 12914fd765ba4f9d6a9a50439e8dd2e9f91423f2

Linux b7a830bbc25da0f641e3ef2bac3b1766b2777a8b < 1b2af918bb714937a8be6cb637f528585461cd98

References

https://git.kernel.org/stable/c/a32ba399a030853f2db45a90b...

https://git.kernel.org/stable/c/fde89fe11b44500bfcb2d4058...

https://git.kernel.org/stable/c/1b2af918bb714937a8be6cb63...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 27, 2025
Vulnerability Reserved
Feb 27, 2025

JSON

Linux

What is CVE-2024-57978?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.