CVE-2024-42309
Severity CVSS v4.0:
Pending analysis
Type:
CWE-476
NULL Pointer Dereference
Publication date:
17/08/2024
Last modified:
22/08/2024
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes<br />
<br />
In psb_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is<br />
assigned to mode, which will lead to a possible NULL pointer dereference<br />
on failure of drm_mode_duplicate(). Add a check to avoid npd.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 3.3 (including) | 4.19.320 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.20 (including) | 5.4.282 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.224 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.165 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.103 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.44 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.10.3 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/13b5f3ee94bdbdc4b5f40582aab62977905aedee
- https://git.kernel.org/stable/c/2df7aac81070987b0f052985856aa325a38debf6
- https://git.kernel.org/stable/c/46d2ef272957879cbe30a884574320e7f7d78692
- https://git.kernel.org/stable/c/475a5b3b7c8edf6e583a9eb59cf28ea770602e14
- https://git.kernel.org/stable/c/6735d02ead7dd3adf74eb8b70aebd09e0ce78ec9
- https://git.kernel.org/stable/c/7e52c62ff029f95005915c0a11863b5fb5185c8c
- https://git.kernel.org/stable/c/d6ad202f73f8edba0cbc0065aa57a79ffe8fdcdc
- https://git.kernel.org/stable/c/f70ffeca546452d1acd3a70ada56ecb2f3e7f811