Lucene search

GoogleOSV:CVE-2024-42101

HistoryJul 30, 2024 - 8:15 a.m.

CVE-2024-42101

2024-07-3008:15:02

Google

osv.dev

linux

kernel

vulnerability

drm/nouveau

null pointer dereference

fix

connector

modes

check

software

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.8

Confidence

High

EPSS

Percentile

5.0%

JSON

In the Linux kernel, the following vulnerability has been resolved:

drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes

In nouveau_connector_get_modes(), the return value of drm_mode_duplicate()
is assigned to mode, which will lead to a possible NULL pointer
dereference on failure of drm_mode_duplicate(). Add a check to avoid npd.

References

git.kernel.org/stable/c/1f32535238493008587a8c5cb17eb2ca097592ef

git.kernel.org/stable/c/274cba8d2d1b48c72d8bd90e76c9e2dc1aa0a81d

git.kernel.org/stable/c/744b229f09134ccd091427a6f9ea6d97302cfdd9

git.kernel.org/stable/c/7db5411c5d0bd9c29b8c2ad93c36b5c16ea46c9e

git.kernel.org/stable/c/80bec6825b19d95ccdfd3393cf8ec15ff2a749b4

git.kernel.org/stable/c/9baf60323efa992b7c915094529f0a1882c34e7e

git.kernel.org/stable/c/e36364f5f3785d054a94e57e971385284886d41a

git.kernel.org/stable/c/f48dd3f19614022f2e1b794fbd169d2b4c398c07

security-tracker.debian.org/tracker/CVE-2024-42101

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.8

Confidence

High

EPSS

Percentile

5.0%

JSON

Related for OSV:CVE-2024-42101