Unrated severityNVD Advisory· Published May 1, 2024· Updated May 4, 2025
powercap: intel_rapl: Fix a NULL pointer dereference
CVE-2024-26975
Description
In the Linux kernel, the following vulnerability has been resolved:
powercap: intel_rapl: Fix a NULL pointer dereference
A NULL pointer dereference is triggered when probing the MMIO RAPL driver on platforms with CPU ID not listed in intel_rapl_common CPU model list.
This is because the intel_rapl_common module still probes on such platforms even if 'defaults_msr' is not set after commit 1488ac990ac8 ("powercap: intel_rapl: Allow probing without CPUID match"). Thus the MMIO RAPL rp->priv->defaults is NULL when registering to RAPL framework.
Fix the problem by adding sanity check to ensure rp->priv->rapl_defaults is always valid.
Affected products
8- osv-coords6 versionspkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-kvmsmall&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Micro%206.0
< 6.4.0-17.1.1.51+ 5 more
- (no CPE)range: < 6.4.0-17.1.1.51
- (no CPE)range: < 6.4.0-18.1
- (no CPE)range: < 6.4.0-18.1
- (no CPE)range: < 6.4.0-9.1
- (no CPE)range: < 6.4.0-18.1
- (no CPE)range: < 6.4.0-9.1
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.