VYPR
Unrated severityNVD Advisory· Published Oct 21, 2024· Updated May 4, 2025

gpiolib: Fix potential NULL pointer dereference in gpiod_get_label()

CVE-2024-49941

Description

In the Linux kernel, the following vulnerability has been resolved:

gpiolib: Fix potential NULL pointer dereference in gpiod_get_label()

In gpiod_get_label(), it is possible that srcu_dereference_check() may return a NULL pointer, leading to a scenario where label->str is accessed without verifying if label itself is NULL.

This patch adds a proper NULL check for label before accessing label->str. The check for label->str != NULL is removed because label->str can never be NULL if label is not NULL.

This fixes the issue where the label name was being printed as (efault) when dumping the sysfs GPIO file when label == NULL.

Affected products

12

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.