CVE-2024-41093

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: avoid using null object of framebuffer

Instead of using state->fb->obj[0] directly, get object from framebuffer by calling drm_gem_fb_get_obj() and return error code when object is null to avoid using null object of framebuffer.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxd38ceaf99ed015f2a0b9af3499791bd3a3daae21 < 7f35e01cb0ea4d295f5c067bb5c67dfcddaf05bcaffected
LinuxLinuxd38ceaf99ed015f2a0b9af3499791bd3a3daae21 < 6ce0544cabaa608018d5922ab404dc656a9d8447affected
LinuxLinuxd38ceaf99ed015f2a0b9af3499791bd3a3daae21 < 330c8c1453848c04d335bad81371a66710210800affected
LinuxLinuxd38ceaf99ed015f2a0b9af3499791bd3a3daae21 < dd9ec0ea4cdde0fc48116e63969fc83e81d7ef46affected
LinuxLinuxd38ceaf99ed015f2a0b9af3499791bd3a3daae21 < bcfa48ff785bd121316592b131ff6531e3e696bbaffected
LinuxLinux4.2affected
LinuxLinux0 < 4.2unaffected
LinuxLinux5.15.162 <= 5.15.*unaffected
LinuxLinux6.1.97 <= 6.1.*unaffected
LinuxLinux6.6.37 <= 6.6.*unaffected
LinuxLinux6.9.8 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References