CVE-2024-53060
drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 5.5EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
19 nov 2024Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported
acpi_evaluate_object() may return AE_NOT_FOUND (failure), which
would result in dereferencing buffer.pointer (obj) while being NULL.
Although this case may be unrealistic for the current code, it is
still better to protect against possible bugs.
Bail out also when status is AE_NOT_FOUND.
This fixes 1 FORWARD_NULL issue reported by Coverity
Report: CID 1600951: Null pointer dereferences (FORWARD_NULL)
(cherry picked from commit 91c9e221fe2553edf2db71627d8453f083de87a1)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Produtos afetados
Linux · LinuxReferências
https://git.kernel.org/stable/c/1a9f55ed5b512f510ccd21ad527d532e60550e80https://git.kernel.org/stable/c/27fc29b5376998c126c85cf9b15d9dfc2afc9cbehttps://git.kernel.org/stable/c/2ac7f253deada4d449559b65a1c1cd0a6f6f19b7https://git.kernel.org/stable/c/8d7a28eca7553d35d4ce192fa1f390f2357df41bhttps://git.kernel.org/stable/c/a613a392417532ca5aaf3deac6e3277aa7aaef2bhttps://git.kernel.org/stable/c/a6dd15981c03f2cdc9a351a278f09b5479d53d2ehttps://git.kernel.org/stable/c/b9d9881237afeb52eddd70077b7174bf17e2fa30https://git.kernel.org/stable/c/ce8a00a00e36f61f5a1e47734332420b68784c43https://lists.debian.org/debian-lts-announce/2025/01/msg00001.htmlhttps://lists.debian.org/debian-lts-announce/2025/03/msg00002.html