5.5

CVE-2024-49919

EPSS 0.04%
Veröffentlicht 21.10.2024 18:15:14
Zuletzt bearbeitet 21.02.2025 14:15:46
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer

This commit addresses a potential null pointer dereference issue in the
`dcn201_acquire_free_pipe_for_layer` function. The issue could occur
when `head_pipe` is null.

The fix adds a check to ensure `head_pipe` is not null before asserting
it. If `head_pipe` is null, the function returns NULL to prevent a
potential null pointer dereference.

Reported by smatch:
drivers/gpu/drm/amd/amdgpu/../display/dc/resource/dcn201/dcn201_resource.c:1016 dcn201_acquire_free_pipe_for_layer() error: we previously assumed 'head_pipe' could be null (see line 1010)

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 6.10.14

Linux ≫ Linux Kernel Version >= 6.11 < 6.11.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.109

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/16ce8fd94da8599bb6f0496895d392a69aead1c0

https://git.kernel.org/stable/c/390d757621f5f35d11a63ed7d9d3262ead240064

Patch

https://git.kernel.org/stable/c/8a1b1655a490a492a5a6987254c935ecce4eb9de

Patch

https://git.kernel.org/stable/c/f22f4754aaa47d8c59f166ba3042182859e5dff7

Patch

https://nvd.nist.gov/vuln/detail/CVE-2024-49919

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-49919

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-49919

EUVD