CVE-2024-42310

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes

In cdv_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on failure of drm_mode_duplicate(). Add a check to avoid npd.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux6a227d5fd6c4abe6a9226a40f6981825e9da5fbe < f392c36cebf4c1d6997a4cc2c0f205254acef42aaffected
LinuxLinux6a227d5fd6c4abe6a9226a40f6981825e9da5fbe < a658ae2173ab74667c009e2550455e6de5b33ddcaffected
LinuxLinux6a227d5fd6c4abe6a9226a40f6981825e9da5fbe < b6ac46a00188cde50ffba233e6efb366354a1de5affected
LinuxLinux6a227d5fd6c4abe6a9226a40f6981825e9da5fbe < 08f45102c81ad8bc9f85f7a25e9f64e128edb87daffected
LinuxLinux6a227d5fd6c4abe6a9226a40f6981825e9da5fbe < e74eb5e8089427c8c49e0dd5067e5f39ce3a4d56affected
LinuxLinux6a227d5fd6c4abe6a9226a40f6981825e9da5fbe < 2d209b2f862f6b8bff549ede541590a8d119da23affected
LinuxLinux6a227d5fd6c4abe6a9226a40f6981825e9da5fbe < 977ee4fe895e1729cd36cc26916bbb10084713d6affected
LinuxLinux6a227d5fd6c4abe6a9226a40f6981825e9da5fbe < cb520c3f366c77e8d69e4e2e2781a8ce48d98e79affected
LinuxLinux3.3affected
LinuxLinux0 < 3.3unaffected
LinuxLinux4.19.320 <= 4.19.*unaffected
LinuxLinux5.4.282 <= 5.4.*unaffected
LinuxLinux5.10.224 <= 5.10.*unaffected
LinuxLinux5.15.165 <= 5.15.*unaffected
LinuxLinux6.1.103 <= 6.1.*unaffected
LinuxLinux6.6.44 <= 6.6.*unaffected
LinuxLinux6.10.3 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References