CVE-2024-57887

drm: adv7511: Fix use-after-free in adv7533_attach_dsi()

Severity Score

7.8

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: drm: adv7511: Fix use-after-free in adv7533_attach_dsi() The host_node pointer was assigned and freed in adv7533_parse_dt(), and
later, adv7533_attach_dsi() uses the same. Fix this use-after-free issue
by dropping of_node_put() in adv7533_parse_dt() and calling of_node_put()
in error path of probe() and also in the remove().

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm: adv7511: Se corrige el use-after-free en adv7533_attach_dsi() El puntero host_node se asignó y liberó en adv7533_parse_dt() y, posteriormente, adv7533_attach_dsi() utiliza el mismo. Corrija este problema de use-after-free eliminando of_node_put() en adv7533_parse_dt() y llamando a of_node_put() en la ruta de error de probe() y también en remove().

In the Linux kernel, the following vulnerability has been resolved: drm: adv7511: Fix use-after-free in adv7533_attach_dsi() The host_node pointer was assigned and freed in adv7533_parse_dt(), and later, adv7533_attach_dsi() uses the same. Fix this use-after-free issue by dropping of_node_put() in adv7533_parse_dt() and calling of_node_put() in error path of probe() and also in the remove().

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-01-11 CVE Reserved
2025-01-15 CVE Published
2025-01-15 CVE Updated
2025-01-16 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (4)

URL	Tag	Source
https://git.kernel.org/stable/c/1e4d58cd7f888522d16f221d628356befbb08468	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/1f49aaf55652580ae63ab83d67211fe6a55d83dc	2025-01-09
https://git.kernel.org/stable/c/ca9d077350fa21897de8bf64cba23b198740aab5	2025-01-09
https://git.kernel.org/stable/c/81adbd3ff21c1182e06aa02c6be0bfd9ea02d8e8	2024-12-20

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.8 < 6.6.70 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.8 < 6.6.70"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.8 < 6.12.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.8 < 6.12.9"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.8 < 6.13-rc6 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.8 < 6.13-rc6"		en		Affected