CVE-2024-26661

MEDIUM

Linux Kernel 5.9-6.6.16, 6.7-6.7.4 - NULL Pointer Dereference in dcn21_set_pipe

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In "u32 otg_inst = pipe_ctx->stream_res.tg->inst;" pipe_ctx->stream_res.tg could be NULL, it is relying on the caller to ensure the tg is not NULL.

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/3f3c237a706580326d3b7a1b97697e5031ca4667

Patch

https://git.kernel.org/stable/c/39f24c08363af1cd945abad84e3c87fd3e3c845a

Patch

https://git.kernel.org/stable/c/66951d98d9bf45ba25acf37fe0747253fafdf298

Scores

CVSS v3 5.5

EPSS 0.0023

EPSS Percentile 13.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (12)

linux/Kernel 5.9.0 - 6.6.17linux

linux/Kernel 6.7.0 - 6.7.5linux

Linux/Linux < 5.9

Linux/Linux 474ac4a875ca6fea3fc5183d3ad22ef7523dca53 - 39f24c08363af1cd945abad84e3c87fd3e3c845a

Linux/Linux 474ac4a875ca6fea3fc5183d3ad22ef7523dca53 - 3f3c237a706580326d3b7a1b97697e5031ca4667

Linux/Linux 474ac4a875ca6fea3fc5183d3ad22ef7523dca53 - 66951d98d9bf45ba25acf37fe0747253fafdf298

Linux/Linux 5.9

Linux/Linux 6.6.17 - 6.6.*

Linux/Linux 6.7.5 - 6.7.*

Linux/Linux 6.8

... and 2 more

Published Apr 02, 2024

Tracked Since Feb 18, 2026