CVE-2024-49941

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A potential NULL pointer dereference issue has been identified in the gpiod get label() function. The srcu dereference check() function may return a NULL pointer, leading to a scenario where label->str is accessed without verifying if label itself is NULL. This issue caused the label name to be printed as (efault) when dumping the sysfs GPIO file when label == NULL. A patch has been added to include a proper NULL check for label before accessing label->str.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.