CVE-2024-42308

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check for NULL pointer [why & how] Need to make sure plane_state is initialized before accessing its members. (cherry picked from commit 295d91cbc700651782a60572f83c24861607b648)

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/185616085b12e651cdfd11ef00d1449f54552d89	Patch
https://git.kernel.org/stable/c/4ab68e168ae1695f7c04fae98930740aaf7c50fa	Patch
https://git.kernel.org/stable/c/4ccd37085976ea5d3c499b1e6d0b3f4deaf2cd5a	Patch
https://git.kernel.org/stable/c/6b5ed0648213e9355cc78f4a264d9afe8536d692	Patch
https://git.kernel.org/stable/c/71dbf95359347c2ecc5a6dfc02783fcfccb2e9fb	Patch
https://git.kernel.org/stable/c/9ce89824ff04d261fc855e0ca6e6025251d9fa40	Patch
https://git.kernel.org/stable/c/f068494430d15b5fc551ac928de9dac7e5e27602	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

03 Sep 2024, 13:56

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/185616085b12e651cdfd11ef00d1449f54552d89 -~~	() https://git.kernel.org/stable/c/185616085b12e651cdfd11ef00d1449f54552d89 - Patch
References	~~() https://git.kernel.org/stable/c/4ab68e168ae1695f7c04fae98930740aaf7c50fa -~~	() https://git.kernel.org/stable/c/4ab68e168ae1695f7c04fae98930740aaf7c50fa - Patch
References	~~() https://git.kernel.org/stable/c/4ccd37085976ea5d3c499b1e6d0b3f4deaf2cd5a -~~	() https://git.kernel.org/stable/c/4ccd37085976ea5d3c499b1e6d0b3f4deaf2cd5a - Patch
References	~~() https://git.kernel.org/stable/c/6b5ed0648213e9355cc78f4a264d9afe8536d692 -~~	() https://git.kernel.org/stable/c/6b5ed0648213e9355cc78f4a264d9afe8536d692 - Patch
References	~~() https://git.kernel.org/stable/c/71dbf95359347c2ecc5a6dfc02783fcfccb2e9fb -~~	() https://git.kernel.org/stable/c/71dbf95359347c2ecc5a6dfc02783fcfccb2e9fb - Patch
References	~~() https://git.kernel.org/stable/c/9ce89824ff04d261fc855e0ca6e6025251d9fa40 -~~	() https://git.kernel.org/stable/c/9ce89824ff04d261fc855e0ca6e6025251d9fa40 - Patch
References	~~() https://git.kernel.org/stable/c/f068494430d15b5fc551ac928de9dac7e5e27602 -~~	() https://git.kernel.org/stable/c/f068494430d15b5fc551ac928de9dac7e5e27602 - Patch
CPE		cpe:2.3:o:linux:linux_kernel::::::::
First Time		Linux linux Kernel Linux
CWE		CWE-476
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5

19 Aug 2024, 12:59

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/amd/display: Verifique el puntero NULL [por qué y cómo] Es necesario asegurarse de que plane_state esté inicializado antes de acceder a sus miembros. (cereza escogida del commit 295d91cbc700651782a60572f83c24861607b648)

19 Aug 2024, 05:15

Type	Values Removed	Values Added
References		() https://git.kernel.org/stable/c/6b5ed0648213e9355cc78f4a264d9afe8536d692 - () https://git.kernel.org/stable/c/71dbf95359347c2ecc5a6dfc02783fcfccb2e9fb - () https://git.kernel.org/stable/c/9ce89824ff04d261fc855e0ca6e6025251d9fa40 -

17 Aug 2024, 09:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-08-17 09:15

Updated : 2024-09-03 13:56

NVD link : CVE-2024-42308

Mitre link : CVE-2024-42308

CVE.ORG link : CVE-2024-42308

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

5.5 /10