CVE-2024-58020

In the Linux kernel, the following vulnerability has been resolved:

HID: multitouch: Add NULL check in mt_input_configured

devm_kasprintf() can return a NULL pointer on failure,but this returned value in mt_input_configured() is not checked. Add NULL check in mt_input_configured(), to handle kernel NULL pointer dereference error.

Published: Feb 27, 2025
Updated: May 4, 2025
CVE: CVE-2024-58020
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWEs:

CWE-476

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	6.4.16	6.5
linux / linux_kernel	4.19.295	4.20
linux / linux_kernel	4.14.326	4.15
linux / linux_kernel	6.14-rc1	6.14-rc1.x
linux / linux_kernel	6.13	6.13.4
linux / linux_kernel	6.14-rc2	6.14-rc2.x
linux / linux_kernel	5.4.257	5.5
linux / linux_kernel	5.10.195	5.11
linux / linux_kernel	5.15.132	5.16
linux / linux_kernel	6.1.53	6.1.129
linux / linux_kernel	6.5.3	6.6.79
linux / linux_kernel	6.7	6.12.16

https://git.kernel.org/stable/c/2052b44cd0a62b6fdbe3371e5ba6029c56c400ca
https://git.kernel.org/stable/c/4e7113f591163d99adc7cbcd7295030c8c5d3fc7
https://git.kernel.org/stable/c/62f8bf06262b6fc55c58f4c5256140f1382f3b01
https://git.kernel.org/stable/c/97c09cc2e72769edb6994b531edcfa313b96bade
https://git.kernel.org/stable/c/9b8e2220d3a052a690b1d1b23019673e612494c5
https://git.kernel.org/stable/c/a04d96ef67a42165f93194eef22a270acba4b74c
https://git.kernel.org/stable/c/a6bfd3856e9f3da083f177753c623d58ba935e0a
https://git.kernel.org/stable/c/aa879ef6d3acf96fa2c7122d0632061d4ea58d48

Vulnerability Database

CVE-2024-58020