CVE-2024-58052
drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table The function atomctrl_get_smc_sclk_range_table() does not check the return
value of smu_atom_get_data_table(). If smu_atom_get_data_table() fails to
retrieve SMU_Info table, it returns NULL which is later dereferenced. Found by Linux Verification Center (linuxtesting.org) with SVACE. In practice this should never happen as this code only gets called
on polaris chips and the vbios data table will always be present on
those chips.
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdgpu: Arreglar posible desreferencia de puntero NULL en atomctrl_get_smc_sclk_range_table La función atomctrl_get_smc_sclk_range_table() no comprueba el valor de retorno de smu_atom_get_data_table(). Si smu_atom_get_data_table() no puede recuperar la tabla SMU_Info, devuelve NULL que luego se desreferencia. Encontrado por Linux Verification Center (linuxtesting.org) con SVACE. En la práctica, esto nunca debería suceder ya que este código solo se llama en chips polaris y la tabla de datos vbios siempre estará presente en esos chips.
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table The function atomctrl_get_smc_sclk_range_table() does not check the return value of smu_atom_get_data_table(). If smu_atom_get_data_table() fails to retrieve SMU_Info table, it returns NULL which is later dereferenced. Found by Linux Verification Center (linuxtesting.org) with SVACE. In practice this should never happen as this code only gets called on polaris chips and the vbios data table will always be present on those chips.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2025-03-06 CVE Reserved
- 2025-03-06 CVE Published
- 2025-03-06 CVE Updated
- 2025-03-07 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/a23eefa2f4615af91ea496ca5b55c9e7c6fa934c | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.7 < 6.1.129 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.7 < 6.1.129" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.7 < 6.6.76 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.7 < 6.6.76" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.7 < 6.12.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.7 < 6.12.13" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.7 < 6.13.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.7 < 6.13.2" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.7 < 6.14-rc1 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.7 < 6.14-rc1" | en |
Affected
| ||||||