PT-2024-20619 · Linux · Linux Kernel

Published 2024-04-14 · Updated 2024-05-29 · CVE-2024-24862

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions

Linux Kernel versions up to 6.9-rc2

Description

The issue is a potential null pointer dereference in the pci1xxxx_spi_probe function. It could be caused by a failed memory allocation by the devm_kzalloc function. To prevent null pointer dereferencing, a null pointer check needs to be added. The memory allocated by devm_kzalloc will be automatically released.

Recommendations

To fix this issue, check spi_bus->spi_int[iter] to prevent null pointer dereferencing. If the memory allocation fails, directly return -ENOMEM without worrying about memory leaks. Upgrade the affected kernel component immediately to mitigate this local attack vector.
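
The check described in the recommendation, as an added example that is not the kernel driver's code: a userspace C model with an injected allocation failure. Every model_* name is a hypothetical stand-in (for devm_kzalloc, the driver core's device-managed cleanup, and the probe loop), and the irq field is a constructed placeholder.

```c
/* Userspace model, not kernel code: every model_* name is hypothetical. */
#include <errno.h>
#include <stdlib.h>

#define MAX_INST 2
#define MAX_RES  8

struct model_dev { void *res[MAX_RES]; int nres, calls, fail_at; };
struct model_int { int irq; };
struct model_bus { struct model_int *spi_int[MAX_INST]; };

/* Device-managed allocation: tracked on the device, may return NULL. */
static void *model_devm_kzalloc(struct model_dev *dev, size_t size)
{
    void *p;
    if (dev->calls++ == dev->fail_at || dev->nres == MAX_RES)
        return NULL;                     /* injected allocation failure */
    p = calloc(1, size);
    if (p)
        dev->res[dev->nres++] = p;
    return p;
}

/* What the driver core does after a failed probe: free tracked memory. */
static int model_devres_release_all(struct model_dev *dev)
{
    int freed = 0;
    for (; dev->nres > 0; freed++)
        free(dev->res[--dev->nres]);
    return freed;
}

/* Probe loop with the NULL check the advisory recommends. */
static int model_probe(struct model_dev *dev, struct model_bus *bus)
{
    for (int iter = 0; iter < MAX_INST; iter++) {
        bus->spi_int[iter] = model_devm_kzalloc(dev, sizeof(struct model_int));
        if (!bus->spi_int[iter])
            return -ENOMEM;              /* no manual free: devres owns it */
        bus->spi_int[iter]->irq = 100 + iter;  /* NULL write without the check */
    }
    return 0;
}

int main(void)
{
    struct model_dev dev = { .fail_at = 1 };   /* second allocation fails */
    struct model_bus bus = { { 0 } };
    return model_probe(&dev, &bus) == -ENOMEM &&
           model_devres_release_all(&dev) == 1 ? 0 : 1;
}
```

The early return needs no cleanup label because the first, successful allocation is still tracked on the device and is freed by the release step.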

Related Identifiers

CVE-2024-24862

Affected Products

Linux Kernel