CVE-2024-43904NULL Pointer Dereference in Linux

CWE-476NULL Pointer Dereference30 documents7 sources
Severity
5.5MEDIUMNVD
OSV8.8
EPSS
0.0%
top 97.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
LinuxLinux KernelDebian Linux+4 more
Timeline
PublishedAug 26
Latest updateJan 27

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing This commit adds null checks for the 'stream' and 'plane' variables in the dcn30_apply_idle_power_optimizations function. These variables were previously assumed to be null at line 922, but they were used later in the code without checking if they were null. This could potentially lead to a null pointer dereference, which would cause a crash. The n

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages9 packages

NVDlinux/linux_kernel< 6.10.5
Debianlinux/linux_kernel< 6.1.119-1+2
Ubuntulinux/linux_kernel< 5.15.0-130.140+1

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

14
OSV
linux-xilinx-zynqmp vulnerabilities2025-01-27
OSV
linux-azure, linux-intel-iotg-5.15 vulnerabilities2025-01-09
OSV
linux-azure, linux-azure-6.8 vulnerabilities2025-01-09
OSV
linux-azure-5.15 vulnerabilities2025-01-09
OSV
linux-gke vulnerabilities2025-01-07

📋Vendor Advisories

15
Ubuntu
Linux kernel (Xilinx ZynqMP) vulnerabilities2025-01-27
Ubuntu
Linux kernel vulnerabilities2025-01-09
Ubuntu
Linux kernel (Azure) vulnerabilities2025-01-09
Ubuntu
Linux kernel (Azure) vulnerabilities2025-01-09
Ubuntu
Linux kernel (GKE) vulnerabilities2025-01-07