{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-56629","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-12-27T14:03:06.018Z","datePublished":"2024-12-27T14:51:31.333Z","dateUpdated":"2025-11-03T20:51:21.153Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T10:00:25.878Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nHID: wacom: fix when get product name maybe null pointer\n\nDue to incorrect dev->product reporting by certain devices, null\npointer dereferences occur when dev->product is empty, leading to\npotential system crashes.\n\nThis issue was found on EXCELSIOR DL37-D05 device with\nLoongson-LS3A6000-7A2000-DL37 motherboard.\n\nKernel logs:\n[   56.470885] usb 4-3: new full-speed USB device number 4 using ohci-pci\n[   56.671638] usb 4-3: string descriptor 0 read error: -22\n[   56.671644] usb 4-3: New USB device found, idVendor=056a, idProduct=0374, bcdDevice= 1.07\n[   56.671647] usb 4-3: New USB device strings: Mfr=1, Product=2, SerialNumber=3\n[   56.678839] hid-generic 0003:056A:0374.0004: hiddev0,hidraw3: USB HID v1.10 Device [HID 056a:0374] on usb-0000:00:05.0-3/input0\n[   56.697719] CPU 2 Unable to handle kernel paging request at virtual address 0000000000000000, era == 90000000066e35c8, ra == ffff800004f98a80\n[   56.697732] Oops[#1]:\n[   56.697734] CPU: 2 PID: 2742 Comm: (udev-worker) Tainted: G           OE      6.6.0-loong64-desktop #25.00.2000.015\n[   56.697737] Hardware name: Inspur CE520L2/C09901N000000000, BIOS 2.09.00 10/11/2024\n[   56.697739] pc 90000000066e35c8 ra ffff800004f98a80 tp 9000000125478000 sp 900000012547b8a0\n[   56.697741] a0 0000000000000000 a1 ffff800004818b28 a2 0000000000000000 a3 0000000000000000\n[   56.697743] a4 900000012547b8f0 a5 0000000000000000 a6 0000000000000000 a7 0000000000000000\n[   56.697745] t0 ffff800004818b2d t1 0000000000000000 t2 0000000000000003 t3 0000000000000005\n[   56.697747] t4 0000000000000000 t5 0000000000000000 t6 0000000000000000 t7 0000000000000000\n[   56.697748] t8 0000000000000000 u0 0000000000000000 s9 0000000000000000 s0 900000011aa48028\n[   56.697750] s1 0000000000000000 s2 0000000000000000 s3 ffff800004818e80 s4 ffff800004810000\n[   56.697751] s5 90000001000b98d0 s6 ffff800004811f88 s7 ffff800005470440 s8 0000000000000000\n[   56.697753]    ra: ffff800004f98a80 wacom_update_name+0xe0/0x300 [wacom]\n[   56.697802]   ERA: 90000000066e35c8 strstr+0x28/0x120\n[   56.697806]  CRMD: 000000b0 (PLV0 -IE -DA +PG DACF=CC DACM=CC -WE)\n[   56.697816]  PRMD: 0000000c (PPLV0 +PIE +PWE)\n[   56.697821]  EUEN: 00000000 (-FPE -SXE -ASXE -BTE)\n[   56.697827]  ECFG: 00071c1d (LIE=0,2-4,10-12 VS=7)\n[   56.697831] ESTAT: 00010000 [PIL] (IS= ECode=1 EsubCode=0)\n[   56.697835]  BADV: 0000000000000000\n[   56.697836]  PRID: 0014d000 (Loongson-64bit, Loongson-3A6000)\n[   56.697838] Modules linked in: wacom(+) bnep bluetooth rfkill qrtr nls_iso8859_1 nls_cp437 snd_hda_codec_conexant snd_hda_codec_generic ledtrig_audio snd_hda_codec_hdmi snd_hda_intel snd_intel_dspcfg snd_hda_codec snd_hda_core snd_hwdep snd_pcm snd_timer snd soundcore input_leds mousedev led_class joydev deepin_netmonitor(OE) fuse nfnetlink dmi_sysfs ip_tables x_tables overlay amdgpu amdxcp drm_exec gpu_sched drm_buddy radeon drm_suballoc_helper i2c_algo_bit drm_ttm_helper r8169 ttm drm_display_helper spi_loongson_pci xhci_pci cec xhci_pci_renesas spi_loongson_core hid_generic realtek gpio_loongson_64bit\n[   56.697887] Process (udev-worker) (pid: 2742, threadinfo=00000000aee0d8b4, task=00000000a9eff1f3)\n[   56.697890] Stack : 0000000000000000 ffff800004817e00 0000000000000000 0000251c00000000\n[   56.697896]         0000000000000000 00000011fffffffd 0000000000000000 0000000000000000\n[   56.697901]         0000000000000000 1b67a968695184b9 0000000000000000 90000001000b98d0\n[   56.697906]         90000001000bb8d0 900000011aa48028 0000000000000000 ffff800004f9d74c\n[   56.697911]         90000001000ba000 ffff800004f9ce58 0000000000000000 ffff800005470440\n[   56.697916]         ffff800004811f88 90000001000b98d0 9000000100da2aa8 90000001000bb8d0\n[   56.697921]         0000000000000000 90000001000ba000 900000011aa48028 ffff800004f9d74c\n[   56.697926]         ffff8000054704e8 90000001000bb8b8 90000001000ba000 0000000000000000\n[   56.697931]         90000001000bb8d0 \n---truncated---"}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/hid/wacom_sys.c"],"versions":[{"version":"09dc28acaec74d7467c7c9b81dc8676e5bc957ce","lessThan":"d031eef3cc2e3bf524509e38fb898e5335c85c96","status":"affected","versionType":"git"},{"version":"09dc28acaec74d7467c7c9b81dc8676e5bc957ce","lessThan":"5912a921289edb34d40aeab32ea6d52d41e75fed","status":"affected","versionType":"git"},{"version":"09dc28acaec74d7467c7c9b81dc8676e5bc957ce","lessThan":"2ed3e3a3ac06af8a6391c3d6a7791b7967d7d43a","status":"affected","versionType":"git"},{"version":"09dc28acaec74d7467c7c9b81dc8676e5bc957ce","lessThan":"2cd323c55bd3f356bf23ae1b4c20100abcdc29d6","status":"affected","versionType":"git"},{"version":"09dc28acaec74d7467c7c9b81dc8676e5bc957ce","lessThan":"a7f0509556fa2f9789639dbcee9eed46e471ccef","status":"affected","versionType":"git"},{"version":"09dc28acaec74d7467c7c9b81dc8676e5bc957ce","lessThan":"e689bc6697a7fcebd4a945ab0b1e1112c76024d8","status":"affected","versionType":"git"},{"version":"09dc28acaec74d7467c7c9b81dc8676e5bc957ce","lessThan":"59548215b76be98cf3422eea9a67d6ea578aca3d","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/hid/wacom_sys.c"],"versions":[{"version":"4.14","status":"affected"},{"version":"0","lessThan":"4.14","status":"unaffected","versionType":"semver"},{"version":"5.4.287","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.231","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.174","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.120","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.66","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.5","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.13","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"5.4.287"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"5.10.231"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"5.15.174"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"6.1.120"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"6.6.66"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"6.12.5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"6.13"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/d031eef3cc2e3bf524509e38fb898e5335c85c96"},{"url":"https://git.kernel.org/stable/c/5912a921289edb34d40aeab32ea6d52d41e75fed"},{"url":"https://git.kernel.org/stable/c/2ed3e3a3ac06af8a6391c3d6a7791b7967d7d43a"},{"url":"https://git.kernel.org/stable/c/2cd323c55bd3f356bf23ae1b4c20100abcdc29d6"},{"url":"https://git.kernel.org/stable/c/a7f0509556fa2f9789639dbcee9eed46e471ccef"},{"url":"https://git.kernel.org/stable/c/e689bc6697a7fcebd4a945ab0b1e1112c76024d8"},{"url":"https://git.kernel.org/stable/c/59548215b76be98cf3422eea9a67d6ea578aca3d"}],"title":"HID: wacom: fix when get product name maybe null pointer","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":5.5,"attackVector":"LOCAL","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"LOW","confidentialityImpact":"NONE"}},{"other":{"type":"ssvc","content":{"id":"CVE-2024-56629","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2025-10-01T20:00:45.659566Z"}}}],"problemTypes":[{"descriptions":[{"lang":"en","type":"CWE","cweId":"CWE-476","description":"CWE-476 NULL Pointer Dereference"}]}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-10-01T20:07:12.301Z"}},{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"},{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T20:51:21.153Z"}}]}}