CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Add null checks for ‘stream’ and ‘plane’ before
dereferencing
This commit adds null checks for the ‘stream’ and ‘plane’ variables in
the dcn30_apply_idle_power_optimizations function. These variables were
previously assumed to be null at line 922, but they were used later in
the code without checking if they were null. This could potentially lead
to a null pointer dereference, which would cause a crash.
The null checks ensure that ‘stream’ and ‘plane’ are not null before
they are used, preventing potential crashes.
Fixes the below static smatch checker:
drivers/gpu/drm/amd/amdgpu/…/display/dc/hwss/dcn30/dcn30_hwseq.c:938
dcn30_apply_idle_power_optimizations() error: we previously assumed
‘stream’ could be null (see line 922)
drivers/gpu/drm/amd/amdgpu/…/display/dc/hwss/dcn30/dcn30_hwseq.c:940
dcn30_apply_idle_power_optimizations() error: we previously assumed ‘plane’
could be null (see line 922)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws-5.15 | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-azure | < any | UNKNOWN |
git.kernel.org/linus/15c2990e0f0108b9c3752d7072a97d45d4283aea (6.11-rc1)
git.kernel.org/stable/c/15c2990e0f0108b9c3752d7072a97d45d4283aea
git.kernel.org/stable/c/16a8a2a839d19c4cf7253642b493ffb8eee1d857
launchpad.net/bugs/cve/CVE-2024-43904
nvd.nist.gov/vuln/detail/CVE-2024-43904
security-tracker.debian.org/tracker/CVE-2024-43904
www.cve.org/CVERecord?id=CVE-2024-43904