CVE-2024-57852

firmware: qcom: scm: smc: Handle missing SCM device

Description

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: smc: Handle missing SCM device Commit ca61d6836e6f ("firmware: qcom: scm: fix a NULL-pointer dereference") makes it explicit that qcom_scm_get_tzmem_pool() can return NULL, therefore its users should handle this.

N/A
CVSS
Severity:
EPSS 0.03%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/cd955b75849b58b650ca3f87b83bd78cde1da8bc
https://git.kernel.org/stable/c/57a811c0886f3f3677bb4619502b35b5bb917f2e
https://git.kernel.org/stable/c/94f48ecf0a538019ca2025e0b0da391f8e7cc58c

Frequently Asked Questions

What is the severity of CVE-2024-57852?
CVE-2024-57852 has not yet been assigned a CVSS score.
How to fix CVE-2024-57852?
To fix CVE-2024-57852, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-57852 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-57852 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-57852?
CVE-2024-57852 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.