CVE-2024-53231

Published: Dic 27, 2024 Last Modified: Nov 03, 2025 EU-VD ID: EUVD-2024-51903
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 5,5
Source: [email protected]
Attack Vector: local
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: high

Description

AI Translation Available

In the Linux kernel, the following vulnerability has been resolved:

cpufreq: CPPC: Fix possible null-ptr-deref for cpufreq_cpu_get_raw()

cpufreq_cpu_get_raw() may return NULL if the cpu is not in
policy->cpus cpu mask and it will cause null pointer dereference.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0005
Percentile
0,1th
Updated

EPSS Score Trend (Last 90 Days)

476

NULL Pointer Dereference

Stable
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Availability Integrity Confidentiality
Potential Impacts:
Dos: Crash, Exit, Or Restart Execute Unauthorized Code Or Commands Read Memory Modify Memory
Applicable Platforms
Languages: C, C#, C++, Go, Java
Likelihood of Exploit: Medium
View CWE Details
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
From 6.7 (inclusive)
To 6.11.11 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
From 5.19 (inclusive)
To 6.1.120 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
From 6.2 (inclusive)
To 6.6.64 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
From 6.12 (inclusive)
To 6.12.2 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://git.kernel.org/stable/c/65fe2f7fdafe2698a3436618004…
https://git.kernel.org/stable/c/65fe2f7fdafe2698a343661800434b3f2e51041e
https://git.kernel.org/stable/c/a357b63fd21e4b2791008c2175b…
https://git.kernel.org/stable/c/a357b63fd21e4b2791008c2175ba7a8c235ebce1
https://git.kernel.org/stable/c/a78e7207564258db6e373e86294…
https://git.kernel.org/stable/c/a78e7207564258db6e373e86294a85f9d646d35a
https://git.kernel.org/stable/c/e07570a8f2cfc51260c6266cb8e…
https://git.kernel.org/stable/c/e07570a8f2cfc51260c6266cb8e1bd4777a610d6
https://git.kernel.org/stable/c/e9b39f1924b76abc18881e4ce89…
https://git.kernel.org/stable/c/e9b39f1924b76abc18881e4ce899fb232dd23d12
https://lists.debian.org/debian-lts-announce/2025/03/msg000…
https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html