Main Vulnerability Database SB2024071351

SB2024071351 - NULL pointer dereference in Linux kernel display amdgpu_dm driver

Published: July 13, 2024 Updated: May 13, 2025

Security Bulletin ID SB2024071351

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) NULL pointer dereference (CVE-ID: CVE-2024-39498)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the nv50_msto_cleanup() function in drivers/gpu/drm/nouveau/dispnv50/disp.c, within the intel_mst_enable_dp() function in drivers/gpu/drm/i915/display/intel_dp_mst.c, within the EXPORT_SYMBOL() function in drivers/gpu/drm/display/drm_dp_mst_topology.c, within the dm_helpers_dp_mst_send_payload_allocation() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_helpers.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

SB2024071351 - NULL pointer dereference in Linux kernel display amdgpu_dm driver

Breakdown by Severity

Description

Remediation

References

Please verify you're human