CVE-2024-53133

Severity CVSS v4.0:
Pending analysis
Type:
CWE-415 Double Free
Publication date:
04/12/2024
Last modified:
11/12/2024

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> drm/amd/display: Handle dml allocation failure to avoid crash<br /> <br /> [Why]<br /> In the case where a dml allocation fails for any reason, the<br /> current state&amp;#39;s dml contexts would no longer be valid. Then<br /> subsequent calls dc_state_copy_internal would shallow copy<br /> invalid memory and if the new state was released, a double<br /> free would occur.<br /> <br /> [How]<br /> Reset dml pointers in new_state to NULL and avoid invalid<br /> pointer<br /> <br /> (cherry picked from commit bcafdc61529a48f6f06355d78eb41b3aeda5296c)

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.11.10 (excluding)
cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc7:*:*:*:*:*:*