Linux · Linux Kernel · CVE-2024-27038
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
The issue is related to a NULL pointer dereference in the `clk core get()` function. This function can dereference a NULL pointer in a specific sequence of calls, including `of clk get hw from clkspec()`, ` of clk get hw from provider()`, and ` clk get hw()`. The ` clk get hw()` function can return NULL, which is then dereferenced by `clk core get()` at `hw->core`. Prior to a specific commit, a check was performed that would have caught the NULL pointer. The function needs to be updated to check for `hw` before dereferencing it and return NULL if `hw` is NULL.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.