CVE-2024-57887

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm: adv7511: Fix use-after-free in adv7533_attach_dsi()

The host_node pointer was assigned and freed in adv7533_parse_dt(), and later, adv7533_attach_dsi() uses the same. Fix this use-after-free issue by dropping of_node_put() in adv7533_parse_dt() and calling of_node_put() in error path of probe() and also in the remove().

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1e4d58cd7f888522d16f221d628356befbb08468 < acec80d9f126cd3fa764bbe3d96bc0cb5cd2b087affected
LinuxLinux1e4d58cd7f888522d16f221d628356befbb08468 < d208571943ffddc438a7ce533d5d0b9219806242affected
LinuxLinux1e4d58cd7f888522d16f221d628356befbb08468 < 1f49aaf55652580ae63ab83d67211fe6a55d83dcaffected
LinuxLinux1e4d58cd7f888522d16f221d628356befbb08468 < ca9d077350fa21897de8bf64cba23b198740aab5affected
LinuxLinux1e4d58cd7f888522d16f221d628356befbb08468 < 81adbd3ff21c1182e06aa02c6be0bfd9ea02d8e8affected
LinuxLinux4.8affected
LinuxLinux0 < 4.8unaffected
LinuxLinux5.10.234 <= 5.10.*unaffected
LinuxLinux6.1.125 <= 6.1.*unaffected
LinuxLinux6.6.70 <= 6.6.*unaffected
LinuxLinux6.12.9 <= 6.12.*unaffected
LinuxLinux6.13 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References