acpica: fix CVE-2024-24856 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Yogita Urade <yogita.urade@windriver.com>	2024-06-21 11:05:09 +0000
committer	Steve Sakoman <steve@sakoman.com>	2024-06-26 05:04:39 -0700
commit	064e000b18e10c14c4d2e602d498ec119e62f921 (patch)
tree	c2b6359a1926732a82c51bc42041ad3df257b520 /scripts/lib/devtool/deploy.py
parent	e2366b9d09a8d68b0f4b9b98c4ddda6767352ad9 (diff)
download	poky-064e000b18e10c14c4d2e602d498ec119e62f921.tar.gz

acpica: fix CVE-2024-24856

The memory allocation function ACPI_ALLOCATE_ZEROED does not guarantee a successful allocation, but the subsequent code directly dereferences the pointer that receives it, which may lead to null pointer dereference. To fix this issue, a null pointer check should be added. If it is null, return exception code AE_NO_MEMORY. Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-24856 (From OE-Core rev: 0920aacb2a042e10e54db949428471ef9b20c96d) Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'scripts/lib/devtool/deploy.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: