cve/2024/CVE-2024-42089.md

### [CVE-2024-42089](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42089)
![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=3.18%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=708b4351f08c08ea93f773fb9197bdd3f3b08273%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)

### Description

In the Linux kernel, the following vulnerability has been resolved:ASoC: fsl-asoc-card: set priv->pdev before using itpriv->pdev pointer was set after being used infsl_asoc_card_audmux_init().Move this assignment at the start of the probe function, sosub-functions can correctly use pdev through priv.fsl_asoc_card_audmux_init() dereferences priv->pdev to get access to thedev struct, used with dev_err macros.As priv is zero-initialised, there would be a NULL pointer dereference.Note that if priv->dev is dereferenced before assignment but never used,for example if there is no error to be printed, the driver won't crashprobably due to compiler optimisations.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds