CVE-2024-50137

MEDIUM5.5

reset: starfive: jh71x0: Fix accessing the empty member on JH7110 SoC

Published Nov 5, 2024

Modified 8 months ago

No fix available

Details

In the Linux kernel, the following vulnerability has been resolved:

reset: starfive: jh71x0: Fix accessing the empty member on JH7110 SoC

data->asserted will be NULL on JH7110 SoC since commit 82327b127d41 ("reset: starfive: Add StarFive JH7110 reset driver") was added. Add the judgment condition to avoid errors when calling reset_control_status on JH7110 SoC.

References

WEBhttps://git.kernel.org/stable/c/2cf59663660799ce16f4dfbed97cdceac7a7fa11 WEBhttps://git.kernel.org/stable/c/3918b2016d28c9b2bddd5ab194ab366a4e2310f5 WEBhttps://git.kernel.org/stable/c/c923f1fb8ae8627322d167b73bb4f978404a05de ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2024-50137

CVSS Analysis

CVSS v3.1

5.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Ecosystems

Timeline

PublishedNov 5, 2024

ModifiedMay 4, 2025

CVE-2024-50137 | Mondoo Vulnerability Intelligence