CVE-2024-46694

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: avoid using null object of framebuffer

Instead of using state->fb->obj[0] directly, get object from framebuffer by calling drm_gem_fb_get_obj() and return error code when object is null to avoid using null object of framebuffer.

(cherry picked from commit 73dd0ad9e5dad53766ea3e631303430116f834b3)

Affected Software

VendorProductVersion RangeStatus
LinuxLinux5d945cbcd4b16a29d6470a80dfb19738f9a4319f < 093ee72ed35c2338c87c26b6ba6f0b7789c9e14eaffected
LinuxLinux5d945cbcd4b16a29d6470a80dfb19738f9a4319f < f6f5e39a3fe7cbdba190f42b28b40bdff03c8cf0affected
LinuxLinux5d945cbcd4b16a29d6470a80dfb19738f9a4319f < 49e1b214f3239b78967c6ddb8f8ec47ae047b051affected
LinuxLinux5d945cbcd4b16a29d6470a80dfb19738f9a4319f < 3b9a33235c773c7a3768060cf1d2cf8a9153bc37affected
LinuxLinux6.0affected
LinuxLinux0 < 6.0unaffected
LinuxLinux6.1.108 <= 6.1.*unaffected
LinuxLinux6.6.49 <= 6.6.*unaffected
LinuxLinux6.10.8 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References