CVE-2024-56634

gpio: grgpio: Add NULL check in grgpio_probe

Description

In the Linux kernel, the following vulnerability has been resolved: gpio: grgpio: Add NULL check in grgpio_probe devm_kasprintf() can return a NULL pointer on failure,but this returned value in grgpio_probe is not checked. Add NULL check in grgpio_probe, to handle kernel NULL pointer dereference error.

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.05%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/53ff0caa6ad57372d426b4f48fc0f66df43a731f patch
https://git.kernel.org/stable/c/4733f68e59bb7b9e3d395699abb18366954b9ba7 patch
https://git.kernel.org/stable/c/ad4dfa7ea7f5f7e9a3c78627cfc749bc7005ca7a patch
https://git.kernel.org/stable/c/09adf8792b61c09ae543972a1ece1884ef773848 patch
https://git.kernel.org/stable/c/8d2ca6ac3711a4f4015d26b7cc84f325ac608edb patch
https://git.kernel.org/stable/c/db2fc255fcf41f536ac8666409849e11659af88d patch
https://git.kernel.org/stable/c/050b23d081da0f29474de043e9538c1f7a351b3b patch

Frequently Asked Questions

What is the severity of CVE-2024-56634?
CVE-2024-56634 has been scored as a medium severity vulnerability.
How to fix CVE-2024-56634?
To fix CVE-2024-56634, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-56634 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-56634 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-56634?
CVE-2024-56634 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.