CVE-2024-42101

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes

In nouveau_connector_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer dereference on failure of drm_mode_duplicate(). Add a check to avoid npd.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux6ee738610f41b59733f63718f0bdbcba7d3a3f12 < 9baf60323efa992b7c915094529f0a1882c34e7eaffected
LinuxLinux6ee738610f41b59733f63718f0bdbcba7d3a3f12 < e36364f5f3785d054a94e57e971385284886d41aaffected
LinuxLinux6ee738610f41b59733f63718f0bdbcba7d3a3f12 < 274cba8d2d1b48c72d8bd90e76c9e2dc1aa0a81daffected
LinuxLinux6ee738610f41b59733f63718f0bdbcba7d3a3f12 < f48dd3f19614022f2e1b794fbd169d2b4c398c07affected
LinuxLinux6ee738610f41b59733f63718f0bdbcba7d3a3f12 < 1f32535238493008587a8c5cb17eb2ca097592efaffected
LinuxLinux6ee738610f41b59733f63718f0bdbcba7d3a3f12 < 744b229f09134ccd091427a6f9ea6d97302cfdd9affected
LinuxLinux6ee738610f41b59733f63718f0bdbcba7d3a3f12 < 7db5411c5d0bd9c29b8c2ad93c36b5c16ea46c9eaffected
LinuxLinux6ee738610f41b59733f63718f0bdbcba7d3a3f12 < 80bec6825b19d95ccdfd3393cf8ec15ff2a749b4affected
LinuxLinux2.6.33affected
LinuxLinux0 < 2.6.33unaffected
LinuxLinux4.19.318 <= 4.19.*unaffected
LinuxLinux5.4.280 <= 5.4.*unaffected
LinuxLinux5.10.222 <= 5.10.*unaffected
LinuxLinux5.15.163 <= 5.15.*unaffected
LinuxLinux6.1.98 <= 6.1.*unaffected
LinuxLinux6.6.39 <= 6.6.*unaffected
LinuxLinux6.9.9 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References