CVE-2024-45015
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
drm/msm/dpu: move dpu_encoder's connector assignment to atomic_enable()
For cases where the crtc's connectors_changed was set without enable/active getting toggled , there is an atomic_enable() call followed by an atomic_disable() but without an atomic_mode_set().
This results in a NULL ptr access for the dpu_encoder_get_drm_fmt() call in the atomic_enable() as the dpu_encoder's connector was cleared in the atomic_disable() but not re-assigned as there was no atomic_mode_set() call.
Fix the NULL ptr access by moving the assignment for atomic_enable() and also use drm_atomic_get_new_connector_for_encoder() to get the connector from the atomic_state.
Patchwork: https://patchwork.freedesktop.org/patch/606729/
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 25fdd5933e4c0f5fe2ea5cd59994f8ac5fbe90ef < 3fb61718bcbe309279205d1cc275a6435611dc77 | affected |
| Linux | Linux | 25fdd5933e4c0f5fe2ea5cd59994f8ac5fbe90ef < 3bacf814b6a61cc683c68465f175ebd938f09c52 | affected |
| Linux | Linux | 25fdd5933e4c0f5fe2ea5cd59994f8ac5fbe90ef < aedf02e46eb549dac8db4821a6b9f0c6bf6e3990 | affected |
| Linux | Linux | 4.19 | affected |
| Linux | Linux | 0 < 4.19 | unaffected |
| Linux | Linux | 6.6.48 <= 6.6.* | unaffected |
| Linux | Linux | 6.10.7 <= 6.10.* | unaffected |
| Linux | Linux | 6.11 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/3fb61718bcbe309279205d1cc275a6435611dc77
- https://git.kernel.org/stable/c/3bacf814b6a61cc683c68465f175ebd938f09c52
- https://git.kernel.org/stable/c/aedf02e46eb549dac8db4821a6b9f0c6bf6e3990
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.