CVE-2024-58011

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Feb 27, 2025

Updated: Mar 6, 2025

CWE ID 476

Summary

CVE-2024-58011: A vulnerability affecting the Linux kernel has been addressed. In the int3472 driver, a null pointer check was missing when accessing the adev variable. This issue could potentially occur when a user manually binds an int3472 driver to an i2c/platform device through sysfs, and the adev companion fwnode is not present. The absence of adev would result in a NULL pointer dereference in skl_int3472_get_acpi_buffer(), posing a risk. To mitigate this, a check for adev not being set and returning -ENODEV has been implemented.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/3xnuvR
https://www.cve.org/CVERecord?id=CVE-2024-58011
https://nvd.nist.gov/vuln/detail/CVE-2024-58011

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners

CVE-2024-58011

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations