Multitouch Handling Vulnerability in Linux Kernel
CVE-2024-58020

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 February 2025

What is CVE-2024-58020?

In the Linux kernel, a vulnerability in the multitouch handling code can lead to potential NULL pointer dereference. Specifically, the function mt_input_configured fails to check the return value of devm_kasprintf(), which may yield a NULL pointer on error. This oversight can result in unpredictable behavior and system instability. The vulnerability has been addressed with an added check to ensure safe handling of this potential error, thereby enhancing the robustness of the kernel's multitouch support.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux df7ca43fe090e1a56c216c8ebc106ef5fd49afc6

Linux 15ec7cb55e7d88755aa01d44a7a1015a42bfce86

Linux dde88ab4e45beb60b217026207aa9c14c88d71ab < 2052b44cd0a62b6fdbe3371e5ba6029c56c400ca

References

https://git.kernel.org/stable/c/a04d96ef67a42165f93194eef...

https://git.kernel.org/stable/c/a6bfd3856e9f3da083f177753...

https://git.kernel.org/stable/c/2052b44cd0a62b6fdbe3371e5...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 27, 2025
Vulnerability Reserved
Feb 27, 2025

JSON

Linux

What is CVE-2024-58020?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.