5.5

CVE-2024-43894

drm/client: fix null pointer dereference in drm_client_modeset_probe

In the Linux kernel, the following vulnerability has been resolved:

drm/client: fix null pointer dereference in drm_client_modeset_probe

In drm_client_modeset_probe(), the return value of drm_mode_duplicate() is
assigned to modeset->mode, which will lead to a possible NULL pointer
dereference on failure of drm_mode_duplicate(). Add a check to avoid npd.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.3 < 5.4.282
LinuxLinux Kernel Version >= 5.5 < 5.10.224
LinuxLinux Kernel Version >= 5.11 < 5.15.165
LinuxLinux Kernel Version >= 5.16 < 6.1.105
LinuxLinux Kernel Version >= 6.2 < 6.6.46
LinuxLinux Kernel Version >= 6.7 < 6.10.5
LinuxLinux Kernel Version6.11 Updaterc1
LinuxLinux Kernel Version6.11 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.01% 0.016
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/113fd6372a5bb3689aba8ef5b8a265ed1529a78f
Patch
https://git.kernel.org/stable/c/24ddda932c43ffe156c7f3c568bed85131c63ae6
Patch
https://git.kernel.org/stable/c/5291d4f73452c91e8a11f71207617e3e234d418e
Patch
https://git.kernel.org/stable/c/612cae53e99ce32a58cb821b3b67199eb6e92dff
Patch
https://git.kernel.org/stable/c/c763dfe09425152b6bb0e348900a637c62c2ce52
Patch
https://git.kernel.org/stable/c/d64847c383100423aecb6ac5f18be5f4316d9d62
Patch
https://git.kernel.org/stable/c/d64fc94f7bb24fc2be0d6bd5df8df926da461a6d
Patch
https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html