Skip to main content

Early Access — Mondoo Vulnerability Intelligence is currently in preview.

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

CVE-2024-50070 | Mondoo Vulnerability Intelligence

CVE-2024-50070

MEDIUM5.5

pinctrl: stm32: check devm_kasprintf() returned value

Published Oct 29, 2024

Modified 8 months ago

No fix available

Details

In the Linux kernel, the following vulnerability has been resolved:

pinctrl: stm32: check devm_kasprintf() returned value

devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value.

Found by code review.

References

WEBhttps://git.kernel.org/stable/c/1f266957ae1207b0717c2d69096bc70654ae9fcb WEBhttps://git.kernel.org/stable/c/3b36bb1fca2b87f6292ca2a8593f297c5e9fab41 WEBhttps://git.kernel.org/stable/c/a8d52de0a6c6b091b2771bcb98ce408cf9d69fe3 WEBhttps://git.kernel.org/stable/c/b0f0e3f0552a566def55c844b0d44250c58e4df6 ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2024-50070

CVSS Analysis

CVSS v3.1

5.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Ecosystems

Timeline

PublishedOct 29, 2024

ModifiedMay 4, 2025