CVE-2024-49871: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-49871 is a NULL pointer dereference vulnerability discovered in the Linux kernel's Input subsystem, specifically in the adp5589-keys driver. The vulnerability was disclosed on October 21, 2024, affecting Linux kernel versions from 5.11 up to versions before 5.15.168, 6.1.113, 6.6.55, 6.10.14, and 6.11.3 (NVD).

The vulnerability occurs in the adp5589-keys driver where a devm action is registered to call adp5589clearconfig() with the i2c client as an argument. The issue arises because i2csetclientdata() is only set at the end of the probe function, which can lead to a NULL pointer dereference if the probe function fails early. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium) with vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability can result in a NULL pointer dereference, which could lead to a system crash or denial of service when the affected driver is probed. This primarily affects systems using the ADP5589 keypad driver (Kernel Patch).

The vulnerability has been patched in the Linux kernel. The fix involves modifying the adp5589clearconfig function to directly use the kpad structure instead of retrieving it through i2cgetclientdata. Users should update to Linux kernel versions 5.15.168, 6.1.113, 6.6.55, 6.10.14, or 6.11.3 or later to address this vulnerability (Kernel Patch).