CVE-2024-50137

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Nov 5, 2024
Updated: Nov 8, 2024

Summary

CVE-2024-50137 is a vulnerability affecting the Linux kernel. It was discovered that on the JH7110 SoC, the 'data->asserted' member in the 'starfive' driver would be NULL, leading to errors when calling 'reset_control_status'. This issue was caused by a commit added in 2021 that introduced the JH7110 reset driver. To mitigate this vulnerability, a judgment condition has been added to prevent errors on JH7110 SoC when accessing the empty member.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share