Lucene search

Ubuntu.comUB:CVE-2024-36897

HistoryMay 30, 2024 - 12:00 a.m.

CVE-2024-36897

2024-05-3000:00:00

ubuntu.com

linux kernel

vulnerability

null dereference

drm/amd/display

uma carveout

bios

integrated info

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Atom Integrated System Info v2_2 for DCN35
New request from KMD/VBIOS in order to support new UMA carveout
model. This fixes a null dereference from accessing
Ctx->dc_bios->integrated_info while it was NULL.
DAL parses through the BIOS and extracts the necessary
integrated_info but was missing a case for the new BIOS
version 2.3.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< anyUNKNOWN
ubuntu20.04noarchlinux< anyUNKNOWN
ubuntu22.04noarchlinux< anyUNKNOWN
ubuntu23.10noarchlinux< anyUNKNOWN
ubuntu24.04noarchlinux< anyUNKNOWN
ubuntu14.04noarchlinux< anyUNKNOWN
ubuntu16.04noarchlinux< anyUNKNOWN
ubuntu18.04noarchlinux-aws< anyUNKNOWN
ubuntu20.04noarchlinux-aws< anyUNKNOWN
ubuntu22.04noarchlinux-aws< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	linux	< any	UNKNOWN
ubuntu	20.04	noarch	linux	< any	UNKNOWN
ubuntu	22.04	noarch	linux	< any	UNKNOWN
ubuntu	23.10	noarch	linux	< any	UNKNOWN
ubuntu	24.04	noarch	linux	< any	UNKNOWN
ubuntu	14.04	noarch	linux	< any	UNKNOWN
ubuntu	16.04	noarch	linux	< any	UNKNOWN
ubuntu	18.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	20.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	22.04	noarch	linux-aws	< any	UNKNOWN

Rows per page:

1-10 of 951

References

git.kernel.org/linus/9a35d205f466501dcfe5625ca313d944d0ac2d60 (6.9-rc7)

git.kernel.org/stable/c/02f5300f6827206f6e48a77f51e6264993695e5c

git.kernel.org/stable/c/3c7013a87124bab54216d9b99f77e8b6de6fbc1a

git.kernel.org/stable/c/7e3030774431eb093165a31baff040d35446fb8b

git.kernel.org/stable/c/9a35d205f466501dcfe5625ca313d944d0ac2d60

git.kernel.org/stable/c/c2797ec16d9072327e7578d09ee05bcab52fffd0

launchpad.net/bugs/cve/CVE-2024-36897

nvd.nist.gov/vuln/detail/CVE-2024-36897

security-tracker.debian.org/tracker/CVE-2024-36897

www.cve.org/CVERecord?id=CVE-2024-36897

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for UB:CVE-2024-36897