{"id":"CVE-2024-38573","summary":"cppc_cpufreq: Fix possible null pointer dereference","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ncppc_cpufreq: Fix possible null pointer dereference\n\ncppc_cpufreq_get_rate() and hisi_cppc_cpufreq_get_rate() can be called from\ndifferent places with various parameters. So cpufreq_cpu_get() can return\nnull as 'policy' in some circumstances.\nFix this bug by adding null return check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.","modified":"2026-04-02T12:16:51.410752Z","published":"2024-06-19T13:35:38.334Z","related":["ALSA-2024:6997","MGASA-2024-0263","MGASA-2024-0266","SUSE-SU-2024:2372-1","SUSE-SU-2024:2394-1","SUSE-SU-2024:2571-1","SUSE-SU-2024:2896-1","SUSE-SU-2024:2939-1","SUSE-SU-2024:2973-1","SUSE-SU-2025:20008-1","SUSE-SU-2025:20028-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/38xxx/CVE-2024-38573.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/769c4f355b7962895205b86ad35617873feef9a5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9a185cc5a79ba408e1c73375706630662304f618"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b18daa4ec727c0266de5bfc78e818d168cc4aedf"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cf7de25878a1f4508c69dc9f6819c21ba177dbfe"},{"type":"WEB","url":"https://git.kernel.org/stable/c/dfec15222529d22b15e5b0d63572a9e39570cab4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f84b9b25d045e67a7eee5e73f21278c8ab06713c"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/38xxx/CVE-2024-38573.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38573"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"a28b2bfc099c6b9caa6ef697660408e076a32019"},{"fixed":"9a185cc5a79ba408e1c73375706630662304f618"},{"fixed":"769c4f355b7962895205b86ad35617873feef9a5"},{"fixed":"f84b9b25d045e67a7eee5e73f21278c8ab06713c"},{"fixed":"b18daa4ec727c0266de5bfc78e818d168cc4aedf"},{"fixed":"dfec15222529d22b15e5b0d63572a9e39570cab4"},{"fixed":"cf7de25878a1f4508c69dc9f6819c21ba177dbfe"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-38573.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}