CVE-2024-43886

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Add null check in resource_log_pipe_topology_update

[WHY] When switching from "Extend" to "Second Display Only" we sometimes call resource_get_otg_master_for_stream on a stream for the eDP, which is disconnected. This leads to a null pointer dereference.

[HOW] Added a null check in dc_resource.c/resource_log_pipe_topology_update.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxd8bafc2b1eeae78317d37b3440d1022977e9b28c < c36e922a36bdf69765c340a0857ca74092003beeaffected
LinuxLinuxd8bafc2b1eeae78317d37b3440d1022977e9b28c < 899d92fd26fe780aad711322aa671f68058207a6affected
LinuxLinux6.7affected
LinuxLinux0 < 6.7unaffected
LinuxLinux6.10.5 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References