CVE-2024-50105 – This CVE describes a NULL pointer dereference v... (How to Fix)

Q: What is the severity of CVE-2024-50105?

CVE-2024-50105 has a CVSS score of 5.5 (MEDIUM). This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's Soundwire driver for SC7280-based systems. When exploited, it causes kernel crashes or undefined behavior during sound playback. This affects Linux systems using Qualcomm SC7280 hardware with Soundwire audio.

📋 TL;DR

This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's Soundwire driver for SC7280-based systems. When exploited, it causes kernel crashes or undefined behavior during sound playback. This affects Linux systems using Qualcomm SC7280 hardware with Soundwire audio.

💻 Affected Systems

Products:

Linux kernel with Qualcomm SC7280 Soundwire support

Versions: Linux kernel versions between commit 15c7fab0e047 and fixes in stable branches

Operating Systems: Linux distributions using affected kernel versions

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems with SC7280 hardware and Soundwire audio enabled. Similar issues were confirmed on SDM845 hardware.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to system crash and denial of service, potentially causing data loss or system instability.

🟠

Likely Case

Sound playback failures, application crashes, or system instability when audio functions are used.

🟢

If Mitigated

Minor audio functionality issues that don't affect core system operations.

🌐 Internet-Facing: LOW - Requires local access and specific hardware configuration to trigger.

🏢 Internal Only: MEDIUM - Could affect workstation stability for users with affected hardware.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: NO

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires local access and triggering sound playback on affected hardware. No authentication bypass needed but requires user interaction or application triggering audio.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in stable kernel branches via commits 176a41ebec42a921277cd34e8c0c2e776a9dd6c4 and db7e59e6a39a4d3d54ca8197c796557e6d480b0d

Vendor Advisory: https://git.kernel.org/stable/c/176a41ebec42a921277cd34e8c0c2e776a9dd6c4

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix. 2. Check kernel commit history for 176a41ebec42a921277cd34e8c0c2e776a9dd6c4 or db7e59e6a39a4d3d54ca8197c796557e6d480b0d. 3. Reboot system after kernel update.

🔧 Temporary Workarounds

Disable Soundwire audio

linux

Disable the affected Soundwire driver module to prevent triggering the vulnerability

echo 'blacklist snd-soc-sc7280' >> /etc/modprobe.d/blacklist.conf
rmmod snd_soc_sc7280

🧯 If You Can't Patch

Disable audio functionality on affected SC7280 systems
Restrict user access to audio applications and sound playback capabilities

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if SC7280 Soundwire is enabled: 'uname -r' and 'lsmod | grep snd_soc_sc7280'

Check Version:

uname -r

Verify Fix Applied:

Verify kernel contains fix commit: 'git log --oneline | grep -E "176a41ebec42|db7e59e6a39a"' or check kernel version against patched releases

📡 Detection & Monitoring

Log Indicators:

Kernel panic messages
NULL pointer dereference errors in dmesg
Soundwire driver crash logs

Network Indicators:

No network indicators - local vulnerability only

SIEM Query:

source="kernel" AND ("NULL pointer dereference" OR "Soundwire" OR "sc7280")

📊 Metadata

CVE ID: CVE-2024-50105

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-476

Published: November 5, 2024

Last Updated: October 1, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-50105, you might also want to check these: