Lucene search

GoogleOSV:CVE-2024-42308

HistoryAug 17, 2024 - 9:15 a.m.

CVE-2024-42308

2024-08-1709:15:10

Google

osv.dev

linux kernel

vulnerability

resolved

null pointer

plane_state

initialized

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.7

Confidence

Low

JSON

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Check for NULL pointer

[why & how]
Need to make sure plane_state is initialized
before accessing its members.

(cherry picked from commit 295d91cbc700651782a60572f83c24861607b648)

References

git.kernel.org/stable/c/185616085b12e651cdfd11ef00d1449f54552d89

git.kernel.org/stable/c/4ab68e168ae1695f7c04fae98930740aaf7c50fa

git.kernel.org/stable/c/4ccd37085976ea5d3c499b1e6d0b3f4deaf2cd5a

git.kernel.org/stable/c/6b5ed0648213e9355cc78f4a264d9afe8536d692

git.kernel.org/stable/c/71dbf95359347c2ecc5a6dfc02783fcfccb2e9fb

git.kernel.org/stable/c/9ce89824ff04d261fc855e0ca6e6025251d9fa40

git.kernel.org/stable/c/f068494430d15b5fc551ac928de9dac7e5e27602

security-tracker.debian.org/tracker/CVE-2024-42308

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.7

Confidence

Low

JSON

Related for OSV:CVE-2024-42308