#VU102104 NULL pointer dereference in Linux kernel - CVE-2024-56587

Cybersecurity Help s.r.o.

Published: 2024-12-30 | Updated: 2025-05-11

Vulnerability identifier: #VU102104

Vulnerability risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56587

CWE-ID: CWE-476

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the brightness_show() and max_brightness_show() functions in drivers/leds/led-class.c. A local user can perform a denial of service (DoS) attack.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: 6.6, 6.6 rc1, 6.6 rc2, 6.6 rc3, 6.6 rc4, 6.6 rc5, 6.6 rc6, 6.6.1, 6.6.2, 6.6.3, 6.6.4, 6.6.5, 6.6.6, 6.6.7, 6.6.8, 6.6.9, 6.6.10, 6.6.11, 6.6.12, 6.6.13, 6.6.14, 6.6.15, 6.6.16, 6.6.17, 6.6.18, 6.6.19, 6.6.20, 6.6.21, 6.6.22, 6.6.23, 6.6.24, 6.6.25, 6.6.26, 6.6.27, 6.6.28, 6.6.29, 6.6.30, 6.6.31, 6.6.32, 6.6.33, 6.6.34, 6.6.35, 6.6.36, 6.6.37, 6.6.38, 6.6.39, 6.6.40, 6.6.41, 6.6.42, 6.6.43, 6.6.44, 6.6.45, 6.6.46, 6.6.47, 6.6.48, 6.6.49, 6.6.50, 6.6.51, 6.6.52, 6.6.53, 6.6.54, 6.6.55, 6.6.56, 6.6.57, 6.6.58, 6.6.59, 6.6.60, 6.6.61, 6.6.62, 6.6.63, 6.6.64, 6.6.65

External links
https://git.kernel.org/stable/c/4ca7cd938725a4050dcd62ae9472e931d603118d
https://git.kernel.org/stable/c/50d9f68e4adf86901cbab1bd5b91f710aa9141b9
https://git.kernel.org/stable/c/84b42d5b5fcd767c9b7f30b0b32065ed949fe804
https://git.kernel.org/stable/c/b8283d52ed15c02bb2eb9b1b8644dcc34f8e98f1
https://git.kernel.org/stable/c/bb4a6236a430cfc3713f470f3a969f39d6d4ca25
https://git.kernel.org/stable/c/ddcfc5708da9972ac23a9121b3d819b0a53d6f21
https://git.kernel.org/stable/c/f6d6fb563e4be245a17bc4261a4b294e8bf8a31e
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.66

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Dell SmartFabric Manager update for third-party components

Ubuntu update for linux-raspi-5.4

Ubuntu update for linux-raspi

Multiple vulnerabilities in Dell Secure Connect Gateway

Ubuntu update for linux-gcp-5.15

Ubuntu update for linux-azure-nvidia

openEuler 24.03 LTS update for kernel

Dell APEX Cloud Platform for Red Hat OpenShift update for third-party components

Ubuntu update for linux-ibm-5.15

Ubuntu update for linux-ibm-5.4