CVE-2024-57944
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Published Jan 21, 2025
Updated: Jan 22, 2025
CWE ID 476
Summary
CVE-2024-57944: A vulnerability has been identified and addressed in the Linux kernel's iio driver for the ti-ads1298 Analog-to-Digital Converter (ADC). The issue stems from a missing NULL check in the ads1298_init function. devm_kasprintf(), which is used in this function to allocate memory, can return a NULL pointer upon failure. Without a NULL check, the kernel may continue execution, potentially leading to undefined behavior or system instability. This vulnerability has been resolved in a recent Linux kernel update.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Linux Kernel
Affected Vendors
- LINUX