CVE-2024-45015

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: move dpu_encoder's connector assignment to atomic_enable() For cases where the crtc's connectors_changed was set without enable/active getting toggled , there is an atomic_enable() call followed by an atomic_disable() but without an atomic_mode_set(). This results in a NULL ptr access for the dpu_encoder_get_drm_fmt() call in the atomic_enable() as the dpu_encoder's connector was cleared in the atomic_disable() but not re-assigned as there was no atomic_mode_set() call. Fix the NULL ptr access by moving the assignment for atomic_enable() and also use drm_atomic_get_new_connector_for_encoder() to get the connector from the atomic_state. Patchwork: https://patchwork.freedesktop.org/patch/606729/
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*

History

13 Sep 2024, 16:35

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/msm/dpu: mover la asignación del conector de dpu_encoder a atomic_enable() Para los casos en los que se configuró connectors_changed de crtc sin que se alternara enable/active, hay una llamada a atomic_enable() seguida de una atomic_disable() pero sin una atomic_mode_set(). Esto da como resultado un acceso ptr NULL para la llamada dpu_encoder_get_drm_fmt() en atomic_enable() ya que el conector de dpu_encoder se borró en atomic_disable() pero no se reasignó ya que no hubo una llamada a atomic_mode_set(). Corrija el acceso ptr NULL moviendo la asignación para atomic_enable() y también use drm_atomic_get_new_connector_for_encoder() para obtener el conector de atomic_state. Parche: https://patchwork.freedesktop.org/patch/606729/
CPE cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*
References () https://git.kernel.org/stable/c/3bacf814b6a61cc683c68465f175ebd938f09c52 - () https://git.kernel.org/stable/c/3bacf814b6a61cc683c68465f175ebd938f09c52 - Patch
References () https://git.kernel.org/stable/c/3fb61718bcbe309279205d1cc275a6435611dc77 - () https://git.kernel.org/stable/c/3fb61718bcbe309279205d1cc275a6435611dc77 - Patch
References () https://git.kernel.org/stable/c/aedf02e46eb549dac8db4821a6b9f0c6bf6e3990 - () https://git.kernel.org/stable/c/aedf02e46eb549dac8db4821a6b9f0c6bf6e3990 - Patch
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
CWE CWE-476
First Time Linux linux Kernel
Linux

11 Sep 2024, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-11 16:15

Updated : 2024-09-13 16:35


NVD link : CVE-2024-45015

Mitre link : CVE-2024-45015

CVE.ORG link : CVE-2024-45015


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-476

NULL Pointer Dereference