CVE-2024-43886

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check in resource_log_pipe_topology_update [WHY] When switching from "Extend" to "Second Display Only" we sometimes call resource_get_otg_master_for_stream on a stream for the eDP, which is disconnected. This leads to a null pointer dereference. [HOW] Added a null check in dc_resource.c/resource_log_pipe_topology_update.
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

27 Aug 2024, 14:37

Type Values Removed Values Added
References () https://git.kernel.org/stable/c/899d92fd26fe780aad711322aa671f68058207a6 - () https://git.kernel.org/stable/c/899d92fd26fe780aad711322aa671f68058207a6 - Patch
References () https://git.kernel.org/stable/c/c36e922a36bdf69765c340a0857ca74092003bee - () https://git.kernel.org/stable/c/c36e922a36bdf69765c340a0857ca74092003bee - Patch
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
Summary
  • (es) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/amd/display: agregar verificación nula en Resource_log_pipe_topology_update [POR QUÉ] Al cambiar de "Extender" a "Sólo segunda visualización", a veces llamamos a Resource_get_otg_master_for_stream en una secuencia para eDP, lo que está desconectado. Esto conduce a una desreferencia del puntero nulo. [CÓMO] Se agregó una verificación nula en dc_resource.c/resource_log_pipe_topology_update.
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
CWE CWE-476
First Time Linux linux Kernel
Linux

26 Aug 2024, 11:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-26 11:15

Updated : 2024-08-27 14:37


NVD link : CVE-2024-43886

Mitre link : CVE-2024-43886

CVE.ORG link : CVE-2024-43886


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-476

NULL Pointer Dereference