CVE-2024-26909: Use After Free in Linux

CWE-416: Use After Free
7 documents, 7 sources

Severity: 5.5 MEDIUM (NVD)
EPSS: 0.0% (top 99.15%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Apr 17

Description

In the Linux kernel, the following vulnerability has been resolved:

soc: qcom: pmic_glink_altmode: fix drm bridge use-after-free

A recent DRM series purporting to simplify support for "transparent bridges" and handling of probe deferrals ironically exposed a use-after-free issue on pmic_glink_altmode probe deferral.

This has manifested itself as the display subsystem occasionally failing to initialise and NULL-pointer dereferences during boot of machines like the Lenovo ThinkPad X13s.

Specif

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 | Impact: 3.6

Affected Packages (8 packages)

NVD: linux/linux_kernel 6.3 6.6.23 (+1)
Debian: linux/linux_kernel < 6.7.12-1 (+1)
CVEListV5: linux/linux 080b4e24852b1d5b66929f69344e6c3eeb963941 2bbd65c6ca567ed8dbbfc4fb945f57ce64bef342 (+3)

Patches

🔴 Vulnerability Details (2)

OSV (2024-04-17): CVE-2024-26909: In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pmic_glink_altmode: fix drm bridge use-after-free A recent DRM series p
GHSA (2024-04-17): GHSA-gfgj-cf2r-6ffw: In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pmic_glink_altmode: fix drm bridge use-after-free A recent DRM series

📋 Vendor Advisories (3)

Red Hat (2024-04-17): kernel: soc: qcom: pmic_glink_altmode: fix drm bridge use-after-free
Microsoft (2024-04-09): soc: qcom: pmic_glink_altmode: fix drm bridge use-after-free
Debian (2024): CVE-2024-26909: linux - In the Linux kernel, the following vulnerability has been resolved: soc: qcom: ...

💬 Community (1)

Bugzilla (2024-04-17): CVE-2024-26909 kernel: soc: qcom: pmic_glink_altmode: fix drm bridge use-after-free