CVE-2024-24856 is a Linux kernel vulnerability involving a NULL pointer dereference in the ACPI/ACPICA parsing code. When an ACPI memory allocation fails and the result is used without a defensive check, the kernel can crash, causing immediate loss of availability. The fix is a small patch that adds a NULL check and returns AE_NO_MEMORY. The impact is significant for systems that exercise the vulnerable ACPI paths, especially embedded and vendor-forked kernels where backports lag. This tag covers discussions about the bug, its technical details, and operational implications for affected systems.
-
A recently disclosed Linux kernel bug, tracked as CVE-2024-24856, is a classic kernel‑space null pointer dereference rooted in the ACPI/ACPICA parsing code that can cause immediate loss of availability by crashing the kernel when ACPI memory allocation fails and the result is used without a...