Unrated severityNVD Advisory· Published Feb 27, 2025· Updated Nov 3, 2025

media: imx-jpeg: Fix potential error pointer dereference in detach_pm()

CVE-2024-57978

Description

In the Linux kernel, the following vulnerability has been resolved:

The proble is on the first line:

if (jpeg->pd_dev[i] && !pm_runtime_suspended(jpeg->pd_dev[i]))

If jpeg->pd_dev[i] is an error pointer, then passing it to pm_runtime_suspended() will lead to an Oops. The other conditions check for both error pointers and NULL, but it would be more clear to use the IS_ERR_OR_NULL() check for that.

Affected products

Linux/Kernelllm-fuzzy
osv-coords62 versions
pkg:deb/ubuntu/linux-aws@6.11.0-1014.15?arch=source&distro=oracular pkg:rpm/opensuse/dtb-aarch64&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-64kb&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-debug&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-docs&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-kvmsmall&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-obs-build&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-obs-qa&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-rt_debug&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-source-rt&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-syms&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-syms-rt&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-zfcpdump&distro=openSUSE%20Leap%2015.6 pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6 pkg:rpm/suse/kernel-coco_debug&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6 pkg:rpm/suse/kernel-coco&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-kvmsmall&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-kvmsmall&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-livepatch-MICRO-6-0-RT_Update_6&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-livepatch-MICRO-6-0-RT_Update_6&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-livepatch-MICRO-6-0_Update_6&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-livepatch-MICRO-6-0_Update_6&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_10&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6 pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_10&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP6 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6 pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6 pkg:rpm/suse/kernel-source-coco&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6 pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6 pkg:rpm/suse/kernel-syms-coco&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6 pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6
< 6.11.0-1014.15+ 61 more
- (no CPE)range: < 6.11.0-1014.15
- (no CPE)range: < 6.4.0-150600.23.47.1
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.8.34.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.2.150600.12.20.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.1
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.1
- (no CPE)range: < 6.4.0-150600.23.47.1
- (no CPE)range: < 6.4.0-150600.10.34.1
- (no CPE)range: < 6.4.0-150600.10.34.1
- (no CPE)range: < 6.4.0-150600.8.34.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.10.34.1
- (no CPE)range: < 6.4.0-150600.8.34.1
- (no CPE)range: < 6.4.0-150600.23.47.1
- (no CPE)range: < 6.4.0-150600.10.34.1
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.8.34.2
- (no CPE)range: < 6.4.0-15061.21.coco15sp6.1
- (no CPE)range: < 6.4.0-15061.21.coco15sp6.1
- (no CPE)range: < 6.4.0-150600.23.47.2.150600.12.20.2
- (no CPE)range: < 6.4.0-28.1.21.6
- (no CPE)range: < 6.4.0-28.1.21.6
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-150600.23.47.1
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 1-3.1
- (no CPE)range: < 1-3.1
- (no CPE)range: < 1-3.1
- (no CPE)range: < 1-3.1
- (no CPE)range: < 1-150600.1.5.1
- (no CPE)range: < 1-150600.13.5.1
- (no CPE)range: < 6.4.0-150600.23.47.1
- (no CPE)range: < 6.4.0-150600.10.34.1
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-150600.10.34.1
- (no CPE)range: < 6.4.0-150600.8.34.2
- (no CPE)range: < 6.4.0-15061.21.coco15sp6.1
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-150600.10.34.1
- (no CPE)range: < 6.4.0-150600.8.34.1
- (no CPE)range: < 6.4.0-15061.21.coco15sp6.1
- (no CPE)range: < 6.4.0-150600.23.47.1
- (no CPE)range: < 6.4.0-150600.10.34.1
- (no CPE)range: < 6.4.0-150600.23.47.2
Linux/Linuxcpe-rescue
Range: 6.13

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000