CVE-2024-38546 - Vulnerability Details

Vendors	Products
Linux	Linux Kernel

Link	Providers
https://git.kernel.org/stable/c/2a345fe928c21de6f3c3c7230ff509d715153a31
https://git.kernel.org/stable/c/2d9adecc88ab678785b581ab021f039372c324cb
https://git.kernel.org/stable/c/42c22b63056cea259d5313bf138a834840af85a5
https://git.kernel.org/stable/c/6cf1874aec42058a5ad621a23b5b2f248def0e96
https://git.kernel.org/stable/c/80431ea3634efb47a3004305d76486db9dd8ed49
https://git.kernel.org/stable/c/bd7827d46d403f8cdb43d16744cb1114e4726b21
https://git.kernel.org/stable/c/c534b63bede6cb987c2946ed4d0b0013a52c5ba7
https://lore.kernel.org/linux-cve-announce/2024061949-CVE-2024-38546-ce19@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-38546
https://www.cve.org/CVERecord?id=CVE-2024-38546

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Type	Values Removed	Values Added
Metrics	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
Metrics	cvssV3_1 `{'score': 4.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H'}`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-38546", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-06-18T19:36:34.919Z", "datePublished": "2024-06-19T13:35:20.024Z", "dateUpdated": "2025-05-04T09:13:43.179Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:13:43.179Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: vc4: Fix possible null pointer dereference\n\nIn vc4_hdmi_audio_init() of_get_address() may return\nNULL which is later dereferenced. Fix this bug by adding NULL check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/vc4/vc4_hdmi.c"], "versions": [{"version": "bb7d78568814a31a11fa14f1479a9fe51f1582ad", "lessThan": "2d9adecc88ab678785b581ab021f039372c324cb", "status": "affected", "versionType": "git"}, {"version": "bb7d78568814a31a11fa14f1479a9fe51f1582ad", "lessThan": "6cf1874aec42058a5ad621a23b5b2f248def0e96", "status": "affected", "versionType": "git"}, {"version": "bb7d78568814a31a11fa14f1479a9fe51f1582ad", "lessThan": "80431ea3634efb47a3004305d76486db9dd8ed49", "status": "affected", "versionType": "git"}, {"version": "bb7d78568814a31a11fa14f1479a9fe51f1582ad", "lessThan": "42c22b63056cea259d5313bf138a834840af85a5", "status": "affected", "versionType": "git"}, {"version": "bb7d78568814a31a11fa14f1479a9fe51f1582ad", "lessThan": "2a345fe928c21de6f3c3c7230ff509d715153a31", "status": "affected", "versionType": "git"}, {"version": "bb7d78568814a31a11fa14f1479a9fe51f1582ad", "lessThan": "bd7827d46d403f8cdb43d16744cb1114e4726b21", "status": "affected", "versionType": "git"}, {"version": "bb7d78568814a31a11fa14f1479a9fe51f1582ad", "lessThan": "c534b63bede6cb987c2946ed4d0b0013a52c5ba7", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/vc4/vc4_hdmi.c"], "versions": [{"version": "4.12", "status": "affected"}, {"version": "0", "lessThan": "4.12", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.219", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.161", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.93", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.33", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.12", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9.3", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.12", "versionEndExcluding": "5.10.219"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.12", "versionEndExcluding": "5.15.161"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.12", "versionEndExcluding": "6.1.93"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.12", "versionEndExcluding": "6.6.33"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.12", "versionEndExcluding": "6.8.12"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.12", "versionEndExcluding": "6.9.3"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.12", "versionEndExcluding": "6.10"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/2d9adecc88ab678785b581ab021f039372c324cb"}, {"url": "https://git.kernel.org/stable/c/6cf1874aec42058a5ad621a23b5b2f248def0e96"}, {"url": "https://git.kernel.org/stable/c/80431ea3634efb47a3004305d76486db9dd8ed49"}, {"url": "https://git.kernel.org/stable/c/42c22b63056cea259d5313bf138a834840af85a5"}, {"url": "https://git.kernel.org/stable/c/2a345fe928c21de6f3c3c7230ff509d715153a31"}, {"url": "https://git.kernel.org/stable/c/bd7827d46d403f8cdb43d16744cb1114e4726b21"}, {"url": "https://git.kernel.org/stable/c/c534b63bede6cb987c2946ed4d0b0013a52c5ba7"}], "title": "drm: vc4: Fix possible null pointer dereference", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:12:25.139Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/2d9adecc88ab678785b581ab021f039372c324cb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6cf1874aec42058a5ad621a23b5b2f248def0e96", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/80431ea3634efb47a3004305d76486db9dd8ed49", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/42c22b63056cea259d5313bf138a834840af85a5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2a345fe928c21de6f3c3c7230ff509d715153a31", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/bd7827d46d403f8cdb43d16744cb1114e4726b21", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c534b63bede6cb987c2946ed4d0b0013a52c5ba7", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-38546", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T17:15:03.912368Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:34:57.789Z"}}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2024-38546 (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

state : PUBLISHED (string)

assignerShortName : Linux (string)

dateReserved : 2024-06-18T19:36:34.919Z (string)

datePublished : 2024-06-19T13:35:20.024Z (string)

dateUpdated : 2025-05-04T09:13:43.179Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-05-04T09:13:43.179Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: drm: vc4: Fix possible null pointer dereference In vc4_hdmi_audio_init() of_get_address() may return NULL which is later dereferenced. Fix this bug by adding NULL check. Found by Linux Verification Center (linuxtesting.org) with SVACE. (string)

}

]

affected : [ »

0 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : unaffected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : drivers/gpu/drm/vc4/vc4_hdmi.c (string)

]

versions : [ »

0 : { »

version : bb7d78568814a31a11fa14f1479a9fe51f1582ad (string)

lessThan : 2d9adecc88ab678785b581ab021f039372c324cb (string)

status : affected (string)

versionType : git (string)

}

1 : { »

version : bb7d78568814a31a11fa14f1479a9fe51f1582ad (string)

lessThan : 6cf1874aec42058a5ad621a23b5b2f248def0e96 (string)

status : affected (string)

versionType : git (string)

}

2 : { »

version : bb7d78568814a31a11fa14f1479a9fe51f1582ad (string)

lessThan : 80431ea3634efb47a3004305d76486db9dd8ed49 (string)

status : affected (string)

versionType : git (string)

}

3 : { »

version : bb7d78568814a31a11fa14f1479a9fe51f1582ad (string)

lessThan : 42c22b63056cea259d5313bf138a834840af85a5 (string)

status : affected (string)

versionType : git (string)

}

4 : { »

version : bb7d78568814a31a11fa14f1479a9fe51f1582ad (string)

lessThan : 2a345fe928c21de6f3c3c7230ff509d715153a31 (string)

status : affected (string)

versionType : git (string)

}

5 : { »

version : bb7d78568814a31a11fa14f1479a9fe51f1582ad (string)

lessThan : bd7827d46d403f8cdb43d16744cb1114e4726b21 (string)

status : affected (string)

versionType : git (string)

}

6 : { »

version : bb7d78568814a31a11fa14f1479a9fe51f1582ad (string)

lessThan : c534b63bede6cb987c2946ed4d0b0013a52c5ba7 (string)

status : affected (string)

versionType : git (string)

}

]

}

1 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : affected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : drivers/gpu/drm/vc4/vc4_hdmi.c (string)

]

versions : [ »

0 : { »

version : 4.12 (string)

status : affected (string)

}

1 : { »

version : 0 (string)

lessThan : 4.12 (string)

status : unaffected (string)

versionType : semver (string)

}

2 : { »

version : 5.10.219 (string)

lessThanOrEqual : 5.10.* (string)

status : unaffected (string)

versionType : semver (string)

}

3 : { »

version : 5.15.161 (string)

lessThanOrEqual : 5.15.* (string)

status : unaffected (string)

versionType : semver (string)

}

4 : { »

version : 6.1.93 (string)

lessThanOrEqual : 6.1.* (string)

status : unaffected (string)

versionType : semver (string)

}

5 : { »

version : 6.6.33 (string)

lessThanOrEqual : 6.6.* (string)

status : unaffected (string)

versionType : semver (string)

}

6 : { »

version : 6.8.12 (string)

lessThanOrEqual : 6.8.* (string)

status : unaffected (string)

versionType : semver (string)

}

7 : { »

version : 6.9.3 (string)

lessThanOrEqual : 6.9.* (string)

status : unaffected (string)

versionType : semver (string)

}

8 : { »

version : 6.10 (string)

lessThanOrEqual : * (string)

status : unaffected (string)

versionType : original_commit_for_fix (string)

}

]

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

operator : OR (string)

negate : false (boolean)

cpeMatch : [ »

0 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.12 (string)

versionEndExcluding : 5.10.219 (string)

}

1 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.12 (string)

versionEndExcluding : 5.15.161 (string)

}

2 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.12 (string)

versionEndExcluding : 6.1.93 (string)

}

3 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.12 (string)

versionEndExcluding : 6.6.33 (string)

}

4 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.12 (string)

versionEndExcluding : 6.8.12 (string)

}

5 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.12 (string)

versionEndExcluding : 6.9.3 (string)

}

6 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.12 (string)

versionEndExcluding : 6.10 (string)

}

]

}

]

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/2d9adecc88ab678785b581ab021f039372c324cb (string)

}

1 : { »

url : https://git.kernel.org/stable/c/6cf1874aec42058a5ad621a23b5b2f248def0e96 (string)

}

2 : { »

url : https://git.kernel.org/stable/c/80431ea3634efb47a3004305d76486db9dd8ed49 (string)

}

3 : { »

url : https://git.kernel.org/stable/c/42c22b63056cea259d5313bf138a834840af85a5 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/2a345fe928c21de6f3c3c7230ff509d715153a31 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/bd7827d46d403f8cdb43d16744cb1114e4726b21 (string)

}

6 : { »

url : https://git.kernel.org/stable/c/c534b63bede6cb987c2946ed4d0b0013a52c5ba7 (string)

}

]

title : drm: vc4: Fix possible null pointer dereference (string)

x_generator : { »

engine : bippy-1.2.0 (string)

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T04:12:25.139Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/2d9adecc88ab678785b581ab021f039372c324cb (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/6cf1874aec42058a5ad621a23b5b2f248def0e96 (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/80431ea3634efb47a3004305d76486db9dd8ed49 (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/42c22b63056cea259d5313bf138a834840af85a5 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/2a345fe928c21de6f3c3c7230ff509d715153a31 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/bd7827d46d403f8cdb43d16744cb1114e4726b21 (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/c534b63bede6cb987c2946ed4d0b0013a52c5ba7 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

1 : { »

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2024-38546 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-09-10T17:15:03.912368Z (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-09-11T17:34:57.789Z (string)

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/2d9adecc88ab678785b581ab021f039372c324cb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6cf1874aec42058a5ad621a23b5b2f248def0e96", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/80431ea3634efb47a3004305d76486db9dd8ed49", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/42c22b63056cea259d5313bf138a834840af85a5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2a345fe928c21de6f3c3c7230ff509d715153a31", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/bd7827d46d403f8cdb43d16744cb1114e4726b21", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c534b63bede6cb987c2946ed4d0b0013a52c5ba7", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:12:25.139Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-38546", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T17:15:03.912368Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:27.200Z"}}], "cna": {"title": "drm: vc4: Fix possible null pointer dereference", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "bb7d78568814a31a11fa14f1479a9fe51f1582ad", "lessThan": "2d9adecc88ab678785b581ab021f039372c324cb", "versionType": "git"}, {"status": "affected", "version": "bb7d78568814a31a11fa14f1479a9fe51f1582ad", "lessThan": "6cf1874aec42058a5ad621a23b5b2f248def0e96", "versionType": "git"}, {"status": "affected", "version": "bb7d78568814a31a11fa14f1479a9fe51f1582ad", "lessThan": "80431ea3634efb47a3004305d76486db9dd8ed49", "versionType": "git"}, {"status": "affected", "version": "bb7d78568814a31a11fa14f1479a9fe51f1582ad", "lessThan": "42c22b63056cea259d5313bf138a834840af85a5", "versionType": "git"}, {"status": "affected", "version": "bb7d78568814a31a11fa14f1479a9fe51f1582ad", "lessThan": "2a345fe928c21de6f3c3c7230ff509d715153a31", "versionType": "git"}, {"status": "affected", "version": "bb7d78568814a31a11fa14f1479a9fe51f1582ad", "lessThan": "bd7827d46d403f8cdb43d16744cb1114e4726b21", "versionType": "git"}, {"status": "affected", "version": "bb7d78568814a31a11fa14f1479a9fe51f1582ad", "lessThan": "c534b63bede6cb987c2946ed4d0b0013a52c5ba7", "versionType": "git"}], "programFiles": ["drivers/gpu/drm/vc4/vc4_hdmi.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.12"}, {"status": "unaffected", "version": "0", "lessThan": "4.12", "versionType": "semver"}, {"status": "unaffected", "version": "5.10.219", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.161", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.93", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.33", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.8.12", "versionType": "semver", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9.3", "versionType": "semver", "lessThanOrEqual": "6.9.*"}, {"status": "unaffected", "version": "6.10", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/gpu/drm/vc4/vc4_hdmi.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/2d9adecc88ab678785b581ab021f039372c324cb"}, {"url": "https://git.kernel.org/stable/c/6cf1874aec42058a5ad621a23b5b2f248def0e96"}, {"url": "https://git.kernel.org/stable/c/80431ea3634efb47a3004305d76486db9dd8ed49"}, {"url": "https://git.kernel.org/stable/c/42c22b63056cea259d5313bf138a834840af85a5"}, {"url": "https://git.kernel.org/stable/c/2a345fe928c21de6f3c3c7230ff509d715153a31"}, {"url": "https://git.kernel.org/stable/c/bd7827d46d403f8cdb43d16744cb1114e4726b21"}, {"url": "https://git.kernel.org/stable/c/c534b63bede6cb987c2946ed4d0b0013a52c5ba7"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: vc4: Fix possible null pointer dereference\n\nIn vc4_hdmi_audio_init() of_get_address() may return\nNULL which is later dereferenced. Fix this bug by adding NULL check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T09:04:11.240Z"}}}, "cveMetadata": {"cveId": "CVE-2024-38546", "state": "PUBLISHED", "dateUpdated": "2024-12-19T09:04:11.240Z", "dateReserved": "2024-06-18T19:36:34.919Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-06-19T13:35:20.024Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/2d9adecc88ab678785b581ab021f039372c324cb (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/6cf1874aec42058a5ad621a23b5b2f248def0e96 (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/80431ea3634efb47a3004305d76486db9dd8ed49 (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/42c22b63056cea259d5313bf138a834840af85a5 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/2a345fe928c21de6f3c3c7230ff509d715153a31 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/bd7827d46d403f8cdb43d16744cb1114e4726b21 (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/c534b63bede6cb987c2946ed4d0b0013a52c5ba7 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T04:12:25.139Z (string)

}

1 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2024-38546 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-09-10T17:15:03.912368Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-09-11T12:42:27.200Z (string)

}

]

cna : { »

title : drm: vc4: Fix possible null pointer dereference (string)

affected : [ »

0 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : bb7d78568814a31a11fa14f1479a9fe51f1582ad (string)

lessThan : 2d9adecc88ab678785b581ab021f039372c324cb (string)

versionType : git (string)

}

1 : { »

status : affected (string)

version : bb7d78568814a31a11fa14f1479a9fe51f1582ad (string)

lessThan : 6cf1874aec42058a5ad621a23b5b2f248def0e96 (string)

versionType : git (string)

}

2 : { »

status : affected (string)

version : bb7d78568814a31a11fa14f1479a9fe51f1582ad (string)

lessThan : 80431ea3634efb47a3004305d76486db9dd8ed49 (string)

versionType : git (string)

}

3 : { »

status : affected (string)

version : bb7d78568814a31a11fa14f1479a9fe51f1582ad (string)

lessThan : 42c22b63056cea259d5313bf138a834840af85a5 (string)

versionType : git (string)

}

4 : { »

status : affected (string)

version : bb7d78568814a31a11fa14f1479a9fe51f1582ad (string)

lessThan : 2a345fe928c21de6f3c3c7230ff509d715153a31 (string)

versionType : git (string)

}

5 : { »

status : affected (string)

version : bb7d78568814a31a11fa14f1479a9fe51f1582ad (string)

lessThan : bd7827d46d403f8cdb43d16744cb1114e4726b21 (string)

versionType : git (string)

}

6 : { »

status : affected (string)

version : bb7d78568814a31a11fa14f1479a9fe51f1582ad (string)

lessThan : c534b63bede6cb987c2946ed4d0b0013a52c5ba7 (string)

versionType : git (string)

}

]

programFiles : [ »

0 : drivers/gpu/drm/vc4/vc4_hdmi.c (string)

]

defaultStatus : unaffected (string)

}

1 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 4.12 (string)

}

1 : { »

status : unaffected (string)

version : 0 (string)

lessThan : 4.12 (string)

versionType : semver (string)

}

2 : { »

status : unaffected (string)

version : 5.10.219 (string)

versionType : semver (string)

lessThanOrEqual : 5.10.* (string)

}

3 : { »

status : unaffected (string)

version : 5.15.161 (string)

versionType : semver (string)

lessThanOrEqual : 5.15.* (string)

}

4 : { »

status : unaffected (string)

version : 6.1.93 (string)

versionType : semver (string)

lessThanOrEqual : 6.1.* (string)

}

5 : { »

status : unaffected (string)

version : 6.6.33 (string)

versionType : semver (string)

lessThanOrEqual : 6.6.* (string)

}

6 : { »

status : unaffected (string)

version : 6.8.12 (string)

versionType : semver (string)

lessThanOrEqual : 6.8.* (string)

}

7 : { »

status : unaffected (string)

version : 6.9.3 (string)

versionType : semver (string)

lessThanOrEqual : 6.9.* (string)

}

8 : { »

status : unaffected (string)

version : 6.10 (string)

versionType : original_commit_for_fix (string)

lessThanOrEqual : * (string)

}

]

programFiles : [ »

0 : drivers/gpu/drm/vc4/vc4_hdmi.c (string)

]

defaultStatus : affected (string)

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/2d9adecc88ab678785b581ab021f039372c324cb (string)

}

1 : { »

url : https://git.kernel.org/stable/c/6cf1874aec42058a5ad621a23b5b2f248def0e96 (string)

}

2 : { »

url : https://git.kernel.org/stable/c/80431ea3634efb47a3004305d76486db9dd8ed49 (string)

}

3 : { »

url : https://git.kernel.org/stable/c/42c22b63056cea259d5313bf138a834840af85a5 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/2a345fe928c21de6f3c3c7230ff509d715153a31 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/bd7827d46d403f8cdb43d16744cb1114e4726b21 (string)

}

6 : { »

url : https://git.kernel.org/stable/c/c534b63bede6cb987c2946ed4d0b0013a52c5ba7 (string)

}

]

x_generator : { »

engine : bippy-5f407fcff5a0 (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: drm: vc4: Fix possible null pointer dereference In vc4_hdmi_audio_init() of_get_address() may return NULL which is later dereferenced. Fix this bug by adding NULL check. Found by Linux Verification Center (linuxtesting.org) with SVACE. (string)

}

]

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2024-12-19T09:04:11.240Z (string)

}

cveMetadata : { »

cveId : CVE-2024-38546 (string)

state : PUBLISHED (string)

dateUpdated : 2024-12-19T09:04:11.240Z (string)

dateReserved : 2024-06-18T19:36:34.919Z (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

datePublished : 2024-06-19T13:35:20.024Z (string)

assignerShortName : Linux (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "58594503-2699-4CEB-8D05-6DFB3484E37A", "versionEndExcluding": "5.10.219", "versionStartIncluding": "4.12", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "31130639-53FE-4726-8986-434EE2528CB2", "versionEndExcluding": "5.15.161", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "EEFB78EE-F990-4197-BF1C-156760A55667", "versionEndExcluding": "6.1.93", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "FCE796DF-3B50-4DC6-BAE5-95271068FC9E", "versionEndExcluding": "6.6.33", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "80550309-67AB-4FD1-AC07-3DED5C4F01B2", "versionEndExcluding": "6.8.12", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E07124C1-19E8-4D21-828D-9932A01D3011", "versionEndExcluding": "6.9.3", "versionStartIncluding": "6.9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: vc4: Fix possible null pointer dereference\n\nIn vc4_hdmi_audio_init() of_get_address() may return\nNULL which is later dereferenced. Fix this bug by adding NULL check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm: vc4: corrige posible desreferencia del puntero nulo En vc4_hdmi_audio_init() of_get_address() puede devolver NULL, que luego se desreferencia. Corrija este error agregando una verificaci\u00f3n NULL. Encontrado por el Centro de verificaci\u00f3n de Linux (linuxtesting.org) con SVACE."}], "id": "CVE-2024-38546", "lastModified": "2024-11-21T09:26:18.630", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-06-19T14:15:14.877", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2a345fe928c21de6f3c3c7230ff509d715153a31"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2d9adecc88ab678785b581ab021f039372c324cb"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/42c22b63056cea259d5313bf138a834840af85a5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6cf1874aec42058a5ad621a23b5b2f248def0e96"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/80431ea3634efb47a3004305d76486db9dd8ed49"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/bd7827d46d403f8cdb43d16744cb1114e4726b21"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c534b63bede6cb987c2946ed4d0b0013a52c5ba7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2a345fe928c21de6f3c3c7230ff509d715153a31"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2d9adecc88ab678785b581ab021f039372c324cb"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/42c22b63056cea259d5313bf138a834840af85a5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6cf1874aec42058a5ad621a23b5b2f248def0e96"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/80431ea3634efb47a3004305d76486db9dd8ed49"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/bd7827d46d403f8cdb43d16744cb1114e4726b21"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c534b63bede6cb987c2946ed4d0b0013a52c5ba7"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 58594503-2699-4CEB-8D05-6DFB3484E37A (string)

versionEndExcluding : 5.10.219 (string)

versionStartIncluding : 4.12 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 31130639-53FE-4726-8986-434EE2528CB2 (string)

versionEndExcluding : 5.15.161 (string)

versionStartIncluding : 5.11 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : EEFB78EE-F990-4197-BF1C-156760A55667 (string)

versionEndExcluding : 6.1.93 (string)

versionStartIncluding : 5.16 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : FCE796DF-3B50-4DC6-BAE5-95271068FC9E (string)

versionEndExcluding : 6.6.33 (string)

versionStartIncluding : 6.2 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 80550309-67AB-4FD1-AC07-3DED5C4F01B2 (string)

versionEndExcluding : 6.8.12 (string)

versionStartIncluding : 6.7 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : E07124C1-19E8-4D21-828D-9932A01D3011 (string)

versionEndExcluding : 6.9.3 (string)

versionStartIncluding : 6.9 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: drm: vc4: Fix possible null pointer dereference In vc4_hdmi_audio_init() of_get_address() may return NULL which is later dereferenced. Fix this bug by adding NULL check. Found by Linux Verification Center (linuxtesting.org) with SVACE. (string)

}

1 : { »

lang : es (string)

value : En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm: vc4: corrige posible desreferencia del puntero nulo En vc4_hdmi_audio_init() of_get_address() puede devolver NULL, que luego se desreferencia. Corrija este error agregando una verificación NULL. Encontrado por el Centro de verificación de Linux (linuxtesting.org) con SVACE. (string)

}

]

id : CVE-2024-38546 (string)

lastModified : 2024-11-21T09:26:18.630 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 5.5 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2024-06-19T14:15:14.877 (string)

references : [ »

0 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/2a345fe928c21de6f3c3c7230ff509d715153a31 (string)

}

1 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/2d9adecc88ab678785b581ab021f039372c324cb (string)

}

2 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/42c22b63056cea259d5313bf138a834840af85a5 (string)

}

3 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/6cf1874aec42058a5ad621a23b5b2f248def0e96 (string)

}

4 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/80431ea3634efb47a3004305d76486db9dd8ed49 (string)

}

5 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/bd7827d46d403f8cdb43d16744cb1114e4726b21 (string)

}

6 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/c534b63bede6cb987c2946ed4d0b0013a52c5ba7 (string)

}

7 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/2a345fe928c21de6f3c3c7230ff509d715153a31 (string)

}

8 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/2d9adecc88ab678785b581ab021f039372c324cb (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/42c22b63056cea259d5313bf138a834840af85a5 (string)

}

10 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/6cf1874aec42058a5ad621a23b5b2f248def0e96 (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/80431ea3634efb47a3004305d76486db9dd8ed49 (string)

}

12 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/bd7827d46d403f8cdb43d16744cb1114e4726b21 (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/c534b63bede6cb987c2946ed4d0b0013a52c5ba7 (string)

}

]

sourceIdentifier : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-476 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Show plain JSON

{"bugzilla": {"description": "kernel: drm: vc4: Fix possible null pointer dereference", "id": "2293453", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293453"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-476", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndrm: vc4: Fix possible null pointer dereference\nIn vc4_hdmi_audio_init() of_get_address() may return\nNULL which is later dereferenced. Fix this bug by adding NULL check.\nFound by Linux Verification Center (linuxtesting.org) with SVACE."], "name": "CVE-2024-38546", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-06-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-38546\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-38546\nhttps://lore.kernel.org/linux-cve-announce/2024061949-CVE-2024-38546-ce19@gregkh/T"], "threat_severity": "Low"}

{

bugzilla : { »

description : kernel: drm: vc4: Fix possible null pointer dereference (string)

id : 2293453 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=2293453 (string)

}

csaw : false (boolean)

cvss3 : { »

cvss3_base_score : 4.4 (string)

cvss3_scoring_vector : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H (string)

status : draft (string)

}

cwe : CWE-476 (string)

details : [ »

0 : In the Linux kernel, the following vulnerability has been resolved: drm: vc4: Fix possible null pointer dereference In vc4_hdmi_audio_init() of_get_address() may return NULL which is later dereferenced. Fix this bug by adding NULL check. Found by Linux Verification Center (linuxtesting.org) with SVACE. (string)

]

name : CVE-2024-38546 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 6 (string)

}

1 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

2 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Not affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

3 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

4 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Not affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

5 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

6 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Not affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

]

public_date : 2024-06-19T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2024-38546 https://nvd.nist.gov/vuln/detail/CVE-2024-38546 https://lore.kernel.org/linux-cve-announce/2024061949-CVE-2024-38546-ce19@gregkh/T (string)

]

threat_severity : Low (string)

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object