5.5

CVE-2024-42091

EPSS 0.03%
Veröffentlicht 29.07.2024 18:15:11
Zuletzt bearbeitet 07.10.2025 16:47:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

drm/xe: Check pat.ops before dumping PAT settings

In the Linux kernel, the following vulnerability has been resolved:

drm/xe: Check pat.ops before dumping PAT settings

We may leave pat.ops unset when running on brand new platform or
when running as a VF.  While the former is unlikely, the latter
is valid (future) use case and will cause NPD when someone will
try to dump PAT settings by debugfs.

It's better to check pointer to pat.ops instead of specific .dump
hook, as we have this hook always defined for every .ops variant.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

NVD 1 VulnDex Vulnerability Enrichment 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 6.8 < 6.9.8

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.084

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/583ce246c7ff9edeb0de49130cdc3d45db8545cb

Patch

https://git.kernel.org/stable/c/a918e771e6fbe1fa68932af5b0cdf473e23090cc

Patch

https://nvd.nist.gov/vuln/detail/CVE-2024-42091

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-42091

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-42091

EUVD