Linux Kernel Vulnerability in Nuvoton Media Device Initialization

CVE-2024-58082

Summary

A vulnerability in the Linux kernel has been identified within the Nuvoton media device initialization process. The function used to locate a device by a node was not correctly checking for NULL return values following failures. As a result, the system could continue operating as if the device were available, potentially leading to undefined behavior. This vulnerability necessitates improvement in error handling to return the correct error code when device initialization fails, ensuring that the system reacts appropriately and maintains integrity.

References