cve/2024/CVE-2024-50292.md

### [CVE-2024-50292](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50292)
![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5.7%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=794df9448edb55978e50372f083aeedade1b2844%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)

### Description

In the Linux kernel, the following vulnerability has been resolved:ASoC: stm32: spdifrx: fix dma channel release in stm32_spdifrx_removeIn case of error when requesting ctrl_chan DMA channel, ctrl_chan is notnull. So the release of the dma channel leads to the following issue:[    4.879000] st,stm32-spdifrx 500d0000.audio-controller:dma_request_slave_channel error -19[    4.888975] Unable to handle kernel NULL pointer dereferenceat virtual address 000000000000003d[...][    5.096577] Call trace:[    5.099099]  dma_release_channel+0x24/0x100[    5.103235]  stm32_spdifrx_remove+0x24/0x60 [snd_soc_stm32_spdifrx][    5.109494]  stm32_spdifrx_probe+0x320/0x4c4 [snd_soc_stm32_spdifrx]To avoid this issue, release channel only if the pointer is valid.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/w4zu/Debian_security