CVE-2024-38548

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference

In cdns_mhdp_atomic_enable(), the return value of drm_mode_duplicate() is assigned to mhdp_state->current_mode, and there is a dereference of it in drm_mode_set_name(), which will lead to a NULL pointer dereference on failure of drm_mode_duplicate().

Fix this bug add a check of mhdp_state->current_mode.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxfb43aa0acdfd600c75b8c877bdf9f6e9893ffc9b < 85d1a27402f81f2e04b0e67d20f749c2a14edbb3affected
LinuxLinuxfb43aa0acdfd600c75b8c877bdf9f6e9893ffc9b < 89788cd9824c28ffcdea40232c458233353d1896affected
LinuxLinuxfb43aa0acdfd600c75b8c877bdf9f6e9893ffc9b < ca53b7efd4ba6ae92fd2b3085cb099c745e96965affected
LinuxLinuxfb43aa0acdfd600c75b8c877bdf9f6e9893ffc9b < dcf53e6103b26e7458be71491d0641f49fbd5840affected
LinuxLinuxfb43aa0acdfd600c75b8c877bdf9f6e9893ffc9b < 32fb2ef124c3301656ac6c789a2ef35ef69a66daaffected
LinuxLinuxfb43aa0acdfd600c75b8c877bdf9f6e9893ffc9b < 47889711da20be9b43e1e136e5cb68df37cbcc79affected
LinuxLinuxfb43aa0acdfd600c75b8c877bdf9f6e9893ffc9b < 935a92a1c400285545198ca2800a4c6c519c650aaffected
LinuxLinux5.10affected
LinuxLinux0 < 5.10unaffected
LinuxLinux5.10.219 <= 5.10.*unaffected
LinuxLinux5.15.161 <= 5.15.*unaffected
LinuxLinux6.1.93 <= 6.1.*unaffected
LinuxLinux6.6.33 <= 6.6.*unaffected
LinuxLinux6.8.12 <= 6.8.*unaffected
LinuxLinux6.9.3 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References