5.5

CVE-2024-49917

drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn30_init_hw

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn30_init_hw

This commit addresses a potential null pointer dereference issue in the
`dcn30_init_hw` function. The issue could occur when `dc->clk_mgr` or
`dc->clk_mgr->funcs` is null.

The fix adds a check to ensure `dc->clk_mgr` and `dc->clk_mgr->funcs` is
not null before accessing its functions. This prevents a potential null
pointer dereference.

Reported by smatch:
drivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn30/dcn30_hwseq.c:789 dcn30_init_hw() error: we previously assumed 'dc->clk_mgr' could be null (see line 628)
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 6.10.14
LinuxLinux Kernel Version >= 6.11 < 6.11.3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.24% 0.145
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/205e3b96cc9aa9211fd2c849a16245cf236b2d36
https://git.kernel.org/stable/c/23cb6139543580dc36743586ca86fbb3f7ab2c9d
https://git.kernel.org/stable/c/5443c83eb8fd2f88c71ced38848fbf744d6206a2
Patch
https://git.kernel.org/stable/c/56c326577971adc3a230f29dfd3aa3abdd505f5d
Patch
https://git.kernel.org/stable/c/cba7fec864172dadd953daefdd26e01742b71a6a
Patch
https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html