Lucene search

416baaa9-dc9f-4396-8d5f-8c081fb06d67NVD:CVE-2024-36897

HistoryMay 30, 2024 - 4:15 p.m.

CVE-2024-36897

2024-05-3016:15:13

CWE-476

416baaa9-dc9f-4396-8d5f-8c081fb06d67

web.nvd.nist.gov

linux

kernel

vulnerability

fix

amd

display

driver

bios

uma

carveout

model

null dereference

integrated_info

dcn35

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Atom Integrated System Info v2_2 for DCN35

New request from KMD/VBIOS in order to support new UMA carveout
model. This fixes a null dereference from accessing
Ctx->dc_bios->integrated_info while it was NULL.

DAL parses through the BIOS and extracts the necessary
integrated_info but was missing a case for the new BIOS
version 2.3.

Affected configurations

NVD

Node

linuxlinux_kernelRange<5.15.159

linuxlinux_kernelRange5.16–6.1.91

linuxlinux_kernelRange6.2–6.6.31

linuxlinux_kernelRange6.7–6.8.10

References

git.kernel.org/stable/c/02f5300f6827206f6e48a77f51e6264993695e5c

git.kernel.org/stable/c/3c7013a87124bab54216d9b99f77e8b6de6fbc1a

git.kernel.org/stable/c/7e3030774431eb093165a31baff040d35446fb8b

git.kernel.org/stable/c/9a35d205f466501dcfe5625ca313d944d0ac2d60

git.kernel.org/stable/c/c2797ec16d9072327e7578d09ee05bcab52fffd0

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2024-36897