An issue was discovered in the Linux kernel through 6.1-rc8. dpu_crtc_atomic_check in drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c lacks check of the return value of kzalloc() and will cause the NULL Pointer Dereference.

🗓️ 28 Jun 2023 07:00:00Reported by MicrosoftType

mscve

mscve🔗 msrc.microsoft.com👁 1 Views

Linux kernel flaw in 6.1-rc8: dpu_crtc_atomic_check does not check kzalloc result, causing NULL dereference.

Reporter	Title	Published	Views	Family All 87
Tenable Nessus	Alibaba Cloud Linux 3 : 0079: cloud-kernel bugfix, enhancement and (ALINUX3-SA-2023:0079)	14 May 202500:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0136: cloud-kernel bugfix, enhancement and (ALINUX3-SA-2023:0136)	14 May 202500:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP9 : kernel (EulerOS-SA-2023-2879)	16 Jan 202400:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.9.1 : kernel (EulerOS-SA-2023-3085)	16 Jan 202400:00	–	nessus
Tenable Nessus	Photon OS 4.0: Linux PHSA-2021-4.0-0065	22 Jul 202100:00	–	nessus
Tenable Nessus	Photon OS 5.0: Linux PHSA-2023-5.0-0009	23 Jul 202400:00	–	nessus
Tenable Nessus	SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:2809-1)	12 Jul 202300:00	–	nessus
Tenable Nessus	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:2871-1)	19 Jul 202300:00	–	nessus
Tenable Nessus	SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:2892-1)	20 Jul 202300:00	–	nessus
Tenable Nessus	Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6385-1)	19 Sep 202300:00	–	nessus

Vulners

Node

microsoft cbl2_kernel_5.15.118.1-2Range<5.15.118.1-2

OR

microsoft cm1_kernel_5.10.185.1-1Range<5.10.185.1-1

29 Jul 2023 07:00Current

7.2High risk

Vulners AI Score7.2

CVSS 3.15.5

EPSS0.00012

SSVC

linux kernel memory allocation null pointer dpu crtc kzalloc vulnerability