CVE-2024-53201
drm/amd/display: Fix null check for pipe_ctx->plane_state in dcn20_program_pipe
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipe_ctx->plane_state in dcn20_program_pipe This commit addresses a null pointer dereference issue in
dcn20_program_pipe(). Previously, commit 8e4ed3cf1642 ("drm/amd/display:
Add null check for pipe_ctx->plane_state in dcn20_program_pipe")
partially fixed the null pointer dereference issue. However, in
dcn20_update_dchubp_dpp(), the variable pipe_ctx is passed in, and
plane_state is accessed again through pipe_ctx. Multiple if statements
directly call attributes of plane_state, leading to potential null
pointer dereference issues. This patch adds necessary null checks to
ensure stability.
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipe_ctx->plane_state in dcn20_program_pipe This commit addresses a null pointer dereference issue in dcn20_program_pipe(). Previously, commit 8e4ed3cf1642 ("drm/amd/display: Add null check for pipe_ctx->plane_state in dcn20_program_pipe") partially fixed the null pointer dereference issue. However, in dcn20_update_dchubp_dpp(), the variable pipe_ctx is passed in, and plane_state is accessed again through pipe_ctx. Multiple if statements directly call attributes of plane_state, leading to potential null pointer dereference issues. This patch adds necessary null checks to ensure stability.
Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2024-11-19 CVE Reserved
- 2024-12-27 CVE Published
- 2025-01-20 CVE Updated
- 2025-03-18 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/65a6fee22d5cfa645cb05489892dc9cd3d142fc2 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/8e4ed3cf1642df0c4456443d865cff61a9598aa8 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/68f75e6f08aad66069a629db8d7840919156c761 | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.11.3 < 6.11.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.11.3 < 6.11.11" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.12 < 6.12.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.12 < 6.12.2" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.12 < 6.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.12 < 6.13" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 6.6.64 Search vendor "Linux" for product "Linux Kernel" and version "6.6.64" | en |
Affected
| ||||||