We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-49941

gpiolib: Fix potential NULL pointer dereference in gpiod_get_label()



AssignerLinux
Reserved2024-10-21
Published2024-10-21
Updated2024-10-22

Description

In the Linux kernel, the following vulnerability has been resolved: gpiolib: Fix potential NULL pointer dereference in gpiod_get_label() In `gpiod_get_label()`, it is possible that `srcu_dereference_check()` may return a NULL pointer, leading to a scenario where `label->str` is accessed without verifying if `label` itself is NULL. This patch adds a proper NULL check for `label` before accessing `label->str`. The check for `label->str != NULL` is removed because `label->str` can never be NULL if `label` is not NULL. This fixes the issue where the label name was being printed as `(efault)` when dumping the sysfs GPIO file when `label == NULL`.

Product status

Default status
unaffected

a86d27693066 before 9ee4b907d7a5
affected

a86d27693066 before 7b99b5ab8859
affected

Default status
affected

6.9
affected

Any version before 6.9
unaffected

6.11.3
unaffected

6.12-rc2
unaffected

References

https://git.kernel.org/stable/c/9ee4b907d7a5d7a53b4ff7727c371ff3d44ccbbb

https://git.kernel.org/stable/c/7b99b5ab885993bff010ebcd93be5e511c56e28a

cve.org CVE-2024-49941

nvd.nist.gov CVE-2024-49941

Download JSON

Share this page
https://cve.threatint.com
Subscribe to our newsletter to learn more about our work.