CVE-2024-49914

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Add null check for pipe_ctx->plane_state in dcn20_program_pipe

This commit addresses a null pointer dereference issue in the dcn20_program_pipe function. The issue could occur when pipe_ctx->plane_state is null.

The fix adds a check to ensure pipe_ctx->plane_state is not null before accessing. This prevents a null pointer dereference.

Reported by smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn20/dcn20_hwseq.c:1925 dcn20_program_pipe() error: we previously assumed 'pipe_ctx->plane_state' could be null (see line 1877)

Affected Software

VendorProductVersion RangeStatus
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < 68f75e6f08aad66069a629db8d7840919156c761affected
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < 65a6fee22d5cfa645cb05489892dc9cd3d142fc2affected
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < 8e4ed3cf1642df0c4456443d865cff61a9598aa8affected
LinuxLinux4.15affected
LinuxLinux0 < 4.15unaffected
LinuxLinux6.6.64 <= 6.6.*unaffected
LinuxLinux6.11.3 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References