CVE-2024-50137

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Nov 5, 2024

Updated: Nov 8, 2024

Summary

CVE-2024-50137 is a vulnerability affecting the Linux kernel. It was discovered that on the JH7110 SoC, the 'data->asserted' member in the 'starfive' driver would be NULL, leading to errors when calling 'reset_control_status'. This issue was caused by a commit added in 2021 that introduced the JH7110 reset driver. To mitigate this vulnerability, a judgment condition has been added to prevent errors on JH7110 SoC when accessing the empty member.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Linux Kernel

Affected Vendors

LINUX

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/ztxRuk
https://www.cve.org/CVERecord?id=CVE-2024-50137
https://nvd.nist.gov/vuln/detail/CVE-2024-50137

Back to Vulnerability Database