CVE-2024-39498

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/mst: Fix NULL pointer dereference at drm_dp_add_payload_part2

[Why] Commit:

  • commit 5aa1dfcdf0a4 ("drm/mst: Refactor the flow for payload allocation/removement") accidently overwrite the commit
  • commit 54d217406afe ("drm: use mgr->dev in drm_dbg_kms in drm_dp_add_payload_part2") which cause regression.

[How] Recover the original NULL fix and remove the unnecessary input parameter 'state' for drm_dp_add_payload_part2().

(cherry picked from commit 4545614c1d8da603e57b60dd66224d81b6ffc305)

Affected Software

VendorProductVersion RangeStatus
LinuxLinux5aa1dfcdf0a429e4941e2eef75b006a8c7a8ac49 < 8e21de5f99b2368a5155037ce0aae8aaba3f5241affected
LinuxLinux5aa1dfcdf0a429e4941e2eef75b006a8c7a8ac49 < 5a507b7d2be15fddb95bf8dee01110b723e2bcd9affected
LinuxLinux6.7affected
LinuxLinux0 < 6.7unaffected
LinuxLinux6.9.6 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References