CVE-2024-49923

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags

[WHAT & HOW] "dcn20_validate_apply_pipe_split_flags" dereferences merge, and thus it cannot be a null pointer. Let's pass a valid pointer to avoid null dereference.

This fixes 2 FORWARD_NULL issues reported by Coverity.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < 39a580cd15397e102aaec25986ae5acf492f8930affected
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < 85aa996ecfaa95d1e922867390502d23ce21b905affected
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < 9a05270869f40c89f8d184fe2d37cb86e0d7e5f5affected
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < 5559598742fb4538e4c51c48ef70563c49c2af23affected
LinuxLinux4.15affected
LinuxLinux0 < 4.15unaffected
LinuxLinux6.6.79 <= 6.6.*unaffected
LinuxLinux6.10.14 <= 6.10.*unaffected
LinuxLinux6.11.3 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References