8748 CVE-2024-24862 2024-04-12 10:46:07 +0000 fix null pointer dereference in pci1xxxx_spi_probe of spi driver 2024-04-29 09:36:46 +0000 1 1 5 ANCK ANCK 6.6 Dev drivers 6.6.7-1 All Linux NEW P3-Medium S3-normal --- 1 shile.zhang shile.zhang renyu.zj xlpang qingming.su oldest_to_newest 27262 0 shile.zhang 2024-04-12 10:46:07 +0000 on behalf of 刘怀远 <qq810974084@gmail.com>: 在pci1xxxx_spi_probe函数中，存在一处调用devm_kzalloc函数申请内存，申请时不保证成功，且并未对其返回指针进行检查。而在后文直接或间接对其进行了解引用，从而触发空指针解引用。 已经向upstream提交修复补丁： https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?h=next-20240411&id=1f886a7bfb3faf4c1021e73f045538008ce7634e