CVE-2024-56782

Summary

CVE-2024-56782 is a vulnerability affecting the Linux kernel. This issue involves the ACPI (Advanced Configuration and Power Interface) subsystem. Specifically, in the function acpi_quirk_skip_serdev_enumeration(), a NULL check on adev (a device pointer) is missing, leading to potential dereferencing and subsequent crashes or, potentially, exploitation. To mitigate this issue, a check for adev being NULL has been added before calling acpi_dev_hid_match(). It is important to note that this vulnerability may not be actively exploited at this time, but its potential for serious consequences warrants addressing it promptly.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.