Lucene search

K

GoogleOSV:CVE-2024-41089

HistoryJul 29, 2024 - 4:15 p.m.

CVE-2024-41089

2024-07-2916:15:04

Google

osv.dev

2

linux kernel

vulnerability fix

null pointer dereference

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.8

Confidence

High

EPSS

0

Percentile

5.0%

In the Linux kernel, the following vulnerability has been resolved:

drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes

In nv17_tv_get_hd_modes(), the return value of drm_mode_duplicate() is
assigned to mode, which will lead to a possible NULL pointer dereference
on failure of drm_mode_duplicate(). The same applies to drm_cvt_mode().
Add a check to avoid null pointer dereference.

References

git.kernel.org/stable/c/1c9f2e60150b4f13789064370e37f39e6e060f50

git.kernel.org/stable/c/30cbf6ffafbbdd8a6e4e5f0a2e9a9827ee83f3ad

git.kernel.org/stable/c/56fc4d3b0bdef691831cd95715a7ca3ebea98b2d

git.kernel.org/stable/c/5eecb49a6c268dc229005bf6e8167d4001dc09a0

git.kernel.org/stable/c/6d411c8ccc0137a612e0044489030a194ff5c843

git.kernel.org/stable/c/6e49a157d541e7e97b815a56f4bdfcbc89844a59

git.kernel.org/stable/c/7ece609b0ce7a7ea8acdf512a77d1fee26621637

git.kernel.org/stable/c/ffabad4aa91e33ced3c6ae793fb37771b3e9cb51

security-tracker.debian.org/tracker/CVE-2024-41089

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.8

Confidence

High

EPSS

0

Percentile

5.0%

Related for OSV:CVE-2024-41089

cbl_mariner1 vulnrichment1 cve1 cvelist1 redhatcve1 nvd1 debiancve1 openvas8 nessus17 osv14 oraclelinux3