U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

CVE-2024-38550 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: kirkwood: Fix potential NULL dereference In kirkwood_dma_hw_params() mv_mbus_dram_info() returns NULL if CONFIG_PLAT_ORION macro is not defined. Fix this bug by adding NULL check. Found by Linux Verification Center (linuxtesting.org) with SVACE.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL Source(s) Tag(s)
https://git.kernel.org/stable/c/1a7254525ca7a6f3e37d7882d7f7ad97f6235f7c CVE, kernel.org Patch 
https://git.kernel.org/stable/c/5bf5154739cd676b6d0958079070557c8d96afb6 CVE, kernel.org Patch 
https://git.kernel.org/stable/c/802b49e39da669b54bd9b77dc3c649999a446bf6 CVE, kernel.org Patch 
https://git.kernel.org/stable/c/d48d0c5fd733bd6d8d3ddb2ed553777ab4724169 CVE, kernel.org Patch 
https://git.kernel.org/stable/c/de9987cec6fde1dd41dfcb971433e05945852489 CVE, kernel.org Patch 
https://git.kernel.org/stable/c/ea60ab95723f5738e7737b56dda95e6feefa5b50 CVE, kernel.org Patch 

Weakness Enumeration

CWE-ID CWE Name Source
CWE-476 NULL Pointer Dereference CISA-ADP  

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

5 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2024-38550
NVD Published Date:
06/19/2024
NVD Last Modified:
04/01/2025
Source:
kernel.org