Lucene search

GoogleOSV:CVE-2024-42309

HistoryAug 17, 2024 - 9:15 a.m.

CVE-2024-42309

2024-08-1709:15:10

Google

osv.dev

linux

kernel

drm

gma500

vulnerability

fix

null pointer dereference

psb_intel_lvds_get_modes

drm_mode_duplicate

check

software

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.6

Confidence

Low

JSON

In the Linux kernel, the following vulnerability has been resolved:

drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes

In psb_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is
assigned to mode, which will lead to a possible NULL pointer dereference
on failure of drm_mode_duplicate(). Add a check to avoid npd.

References

git.kernel.org/stable/c/13b5f3ee94bdbdc4b5f40582aab62977905aedee

git.kernel.org/stable/c/2df7aac81070987b0f052985856aa325a38debf6

git.kernel.org/stable/c/46d2ef272957879cbe30a884574320e7f7d78692

git.kernel.org/stable/c/475a5b3b7c8edf6e583a9eb59cf28ea770602e14

git.kernel.org/stable/c/6735d02ead7dd3adf74eb8b70aebd09e0ce78ec9

git.kernel.org/stable/c/7e52c62ff029f95005915c0a11863b5fb5185c8c

git.kernel.org/stable/c/d6ad202f73f8edba0cbc0065aa57a79ffe8fdcdc

git.kernel.org/stable/c/f70ffeca546452d1acd3a70ada56ecb2f3e7f811

security-tracker.debian.org/tracker/CVE-2024-42309

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.6

Confidence

Low

JSON

Related for OSV:CVE-2024-42309