ghsa-973h-x7w2-jgpx
Vulnerability from github
Published
2024-05-01 15:30
Modified
2024-11-07 18:31
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Add 'replay' NULL check in 'edp_set_replay_allow_active()'

In the first if statement, we're checking if 'replay' is NULL. But in the second if statement, we're not checking if 'replay' is NULL again before calling replay->funcs->replay_set_power_opt().

if (replay == NULL && force_static) return false;

...

if (link->replay_settings.replay_feature_enabled && replay->funcs->replay_set_power_opt) { replay->funcs->replay_set_power_opt(replay, power_opts, panel_inst); link->replay_settings.replay_power_opt_active = power_opts; }

If 'replay' is NULL, this will cause a null pointer dereference.

Fixes the below found by smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/link/protocols/link_edp_panel_control.c:895 edp_set_replay_allow_active() error: we previously assumed 'replay' could be null (see line 887)

Show details on source website


{
  "affected": [],
  "aliases": [
    "CVE-2024-27040"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-01T13:15:49Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add \u0027replay\u0027 NULL check in \u0027edp_set_replay_allow_active()\u0027\n\nIn the first if statement, we\u0027re checking if \u0027replay\u0027 is NULL. But in\nthe second if statement, we\u0027re not checking if \u0027replay\u0027 is NULL again\nbefore calling replay-\u003efuncs-\u003ereplay_set_power_opt().\n\nif (replay == NULL \u0026\u0026 force_static)\n    return false;\n\n...\n\nif (link-\u003ereplay_settings.replay_feature_enabled \u0026\u0026\n    replay-\u003efuncs-\u003ereplay_set_power_opt) {\n\treplay-\u003efuncs-\u003ereplay_set_power_opt(replay, *power_opts, panel_inst);\n\tlink-\u003ereplay_settings.replay_power_opt_active = *power_opts;\n}\n\nIf \u0027replay\u0027 is NULL, this will cause a null pointer dereference.\n\nFixes the below found by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/link/protocols/link_edp_panel_control.c:895 edp_set_replay_allow_active() error: we previously assumed \u0027replay\u0027 could be null (see line 887)",
  "id": "GHSA-973h-x7w2-jgpx",
  "modified": "2024-11-07T18:31:20Z",
  "published": "2024-05-01T15:30:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27040"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d0e94f4807ff0df66cf447d6b4bbb8ac830e99c3"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e7cadd5d3a8ffe334d0229ba9eda4290138d56e7"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f610c46771ef1047e46d61807aa7c69cd29e63d8"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f6aed043ee5d75b3d1bfc452b1a9584b63c8f76b"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.