CVE-2024-42101

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes In nouveau_connector_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer dereference on failure of drm_mode_duplicate(). Add a check to avoid npd.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/1f32535238493008587a8c5cb17eb2ca097592ef	Patch
https://git.kernel.org/stable/c/274cba8d2d1b48c72d8bd90e76c9e2dc1aa0a81d	Patch
https://git.kernel.org/stable/c/744b229f09134ccd091427a6f9ea6d97302cfdd9	Patch
https://git.kernel.org/stable/c/7db5411c5d0bd9c29b8c2ad93c36b5c16ea46c9e	Patch
https://git.kernel.org/stable/c/80bec6825b19d95ccdfd3393cf8ec15ff2a749b4	Patch
https://git.kernel.org/stable/c/9baf60323efa992b7c915094529f0a1882c34e7e	Patch
https://git.kernel.org/stable/c/e36364f5f3785d054a94e57e971385284886d41a	Patch
https://git.kernel.org/stable/c/f48dd3f19614022f2e1b794fbd169d2b4c398c07	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

22 Aug 2024, 12:58

Type	Values Removed	Values Added
CPE		cpe:2.3:o:linux:linux_kernel::::::::
References	~~() https://git.kernel.org/stable/c/1f32535238493008587a8c5cb17eb2ca097592ef -~~	() https://git.kernel.org/stable/c/1f32535238493008587a8c5cb17eb2ca097592ef - Patch
References	~~() https://git.kernel.org/stable/c/274cba8d2d1b48c72d8bd90e76c9e2dc1aa0a81d -~~	() https://git.kernel.org/stable/c/274cba8d2d1b48c72d8bd90e76c9e2dc1aa0a81d - Patch
References	~~() https://git.kernel.org/stable/c/744b229f09134ccd091427a6f9ea6d97302cfdd9 -~~	() https://git.kernel.org/stable/c/744b229f09134ccd091427a6f9ea6d97302cfdd9 - Patch
References	~~() https://git.kernel.org/stable/c/7db5411c5d0bd9c29b8c2ad93c36b5c16ea46c9e -~~	() https://git.kernel.org/stable/c/7db5411c5d0bd9c29b8c2ad93c36b5c16ea46c9e - Patch
References	~~() https://git.kernel.org/stable/c/80bec6825b19d95ccdfd3393cf8ec15ff2a749b4 -~~	() https://git.kernel.org/stable/c/80bec6825b19d95ccdfd3393cf8ec15ff2a749b4 - Patch
References	~~() https://git.kernel.org/stable/c/9baf60323efa992b7c915094529f0a1882c34e7e -~~	() https://git.kernel.org/stable/c/9baf60323efa992b7c915094529f0a1882c34e7e - Patch
References	~~() https://git.kernel.org/stable/c/e36364f5f3785d054a94e57e971385284886d41a -~~	() https://git.kernel.org/stable/c/e36364f5f3785d054a94e57e971385284886d41a - Patch
References	~~() https://git.kernel.org/stable/c/f48dd3f19614022f2e1b794fbd169d2b4c398c07 -~~	() https://git.kernel.org/stable/c/f48dd3f19614022f2e1b794fbd169d2b4c398c07 - Patch
CWE		CWE-476
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
First Time		Linux Linux linux Kernel

30 Jul 2024, 13:32

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/nouveau: corrige la desreferencia del puntero null en nouveau_connector_get_modes En nouveau_connector_get_modes(), el valor de retorno de drm_mode_duplicate() se asigna al modo, lo que conducirá a una posible desreferencia del puntero NULL en caso de fallo. de drm_mode_duplicate(). Agregue una marca para evitar npd.

30 Jul 2024, 08:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-07-30 08:15

Updated : 2024-08-22 12:58

NVD link : CVE-2024-42101

Mitre link : CVE-2024-42101

CVE.ORG link : CVE-2024-42101

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

5.5 /10