SB2024102246 - NULL pointer dereference in Linux kernel dc core driver
Published: October 22, 2024 Updated: May 12, 2025
Security Bulletin ID
SB2024102246
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) NULL pointer dereference (CVE-ID: CVE-2024-49913)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the commit_planes_for_stream() function in drivers/gpu/drm/amd/display/dc/core/dc.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/1ebfa6663807c144be8c8b6727375012409d2356
- https://git.kernel.org/stable/c/8ab59527852a6f7780aad6185729550ca0569122
- https://git.kernel.org/stable/c/40193ff73630adf76bc0d82398f7d90fb576dba4
- https://git.kernel.org/stable/c/e47e563c6f0db7d792a559301862c19ead0dfc2f
- https://git.kernel.org/stable/c/3929e382e4758aff42da0102a60d13337c99d3b8
- https://git.kernel.org/stable/c/73efd2a611b62fee71a7b7f27d9d08bb60da8a72
- https://git.kernel.org/stable/c/66d71a72539e173a9b00ca0b1852cbaa5f5bf1ad
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.227
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.168
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.113
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10.14
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.11.3
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.12
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.55