CVE-2024-35842

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-35842

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-35842.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-35842

Downstream

BELL-CVE-2024-35842

DEBIAN-CVE-2024-35842

SUSE-SU-2024:2135-1

SUSE-SU-2024:2203-1

SUSE-SU-2024:2973-1

UBUNTU-CVE-2024-35842

USN-6818-1

USN-6818-3

USN-6818-4

USN-6819-1

USN-6819-3

USN-6819-4

Related

Published

2024-05-17T15:15:21Z

Modified

2025-09-19T18:47:48Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

ASoC: mediatek: sof-common: Add NULL check for normal_link string

It's not granted that all entries of struct sofconnstream declare a normal_link (a non-SOF, direct link) string, and this is the case for SoCs that support only SOF paths (hence do not support both direct and SOF usecases).

For example, in the case of MT8188 there is no normallink string in any of the sofconn_stream entries and there will be more drivers doing that in the future.

To avoid possible NULL pointer KPs, add a NULL check for normal_link.

References

Affected packages