CVE-2024-35842

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-35842
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-35842.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-35842
Downstream
Related
Published
2024-05-17T15:15:21Z
Modified
2025-09-19T18:47:48Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

ASoC: mediatek: sof-common: Add NULL check for normal_link string

It's not granted that all entries of struct sofconnstream declare a normal_link (a non-SOF, direct link) string, and this is the case for SoCs that support only SOF paths (hence do not support both direct and SOF usecases).

For example, in the case of MT8188 there is no normallink string in any of the sofconn_stream entries and there will be more drivers doing that in the future.

To avoid possible NULL pointer KPs, add a NULL check for normal_link.

References

Affected packages