CVE-2024-53056

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy()

In mtk_crtc_create(), if the call to mbox_request_channel() fails then we set the "mtk_crtc->cmdq_client.chan" pointer to NULL. In that situation, we do not call cmdq_pkt_create().

During the cleanup, we need to check if the "mtk_crtc->cmdq_client.chan" is NULL first before calling cmdq_pkt_destroy(). Calling cmdq_pkt_destroy() is unnecessary if we didn't call cmdq_pkt_create() and it will result in a NULL pointer dereference.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux7627122fd1c06800a1fe624e9fb3c269796115e8 < c60583a87cb4a85b69d1f448f0be5eb6ec62cbb2affected
LinuxLinux7627122fd1c06800a1fe624e9fb3c269796115e8 < 4018651ba5c409034149f297d3dd3328b91561fdaffected
LinuxLinux2c4396693698e876e559768d3d3a150c672ec384affected
LinuxLinux5.15.54 < 5.16affected
LinuxLinux5.17affected
LinuxLinux0 < 5.17unaffected
LinuxLinux6.11.7 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References