CVE-2024-50070

pinctrl: stm32: check devm_kasprintf() returned value

Published: 10/29/2024 Last updated: 5/11/2026 Reserved: 10/21/2024

In the Linux kernel, the following vulnerability has been resolved: pinctrl: stm32: check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value. Found by code review.

CNA assigner: Linux (416baaa9-dc9f-4396-8d5f-8c081fb06d67) Requested by: n/a

Opam packages affected (29)

albatross cdrom conf-bpftool conf-libbpf conf-linux-libc-dev core core_unix hvsock mirage-block-unix mm ocaml-probes ortools_solvers orun rawlink rawlink-eio rawlink-lwt restricted shell solo5 solo5-bindings-hvt solo5-bindings-spt solo5-cross-aarch64 solo5-kernel-ukvm tracy-client tuntap uring vhd-format vhd-format-lwt xapi-stdext-unix

Products affected (3)

Product	Vendor	Version
Linux	Linux	5.0.1
Linux	Linux	5.0.2
Linux	Linux	12.2.0.1

References (8)

https://git.kernel.org/stable/c/a8d52de0a6c6b091b2771bcb98ce408cf9d69fe3
https://git.kernel.org/stable/c/3b36bb1fca2b87f6292ca2a8593f297c5e9fab41
https://git.kernel.org/stable/c/1f266957ae1207b0717c2d69096bc70654ae9fcb
https://git.kernel.org/stable/c/b0f0e3f0552a566def55c844b0d44250c58e4df6
https://git.kernel.org/stable/c/a8d52de0a6c6b091b2771bcb98ce408cf9d69fe3
https://git.kernel.org/stable/c/3b36bb1fca2b87f6292ca2a8593f297c5e9fab41
https://git.kernel.org/stable/c/1f266957ae1207b0717c2d69096bc70654ae9fcb
https://git.kernel.org/stable/c/b0f0e3f0552a566def55c844b0d44250c58e4df6