CVE-2024-46694

MEDIUM

Linux Kernel 6.0-6.1.107, 6.2-6.6.48, 6.7-6.10.7 - NULL Pointer Dereference in DRM AMD Display Framebuffer Handling

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: avoid using null object of framebuffer Instead of using state->fb->obj[0] directly, get object from framebuffer by calling drm_gem_fb_get_obj() and return error code when object is null to avoid using null object of framebuffer. (cherry picked from commit 73dd0ad9e5dad53766ea3e631303430116f834b3)

References (5)

Core 5

Core References

Mailing List

https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Patch

https://git.kernel.org/stable/c/093ee72ed35c2338c87c26b6ba6f0b7789c9e14e

Patch

https://git.kernel.org/stable/c/f6f5e39a3fe7cbdba190f42b28b40bdff03c8cf0

Patch

https://git.kernel.org/stable/c/49e1b214f3239b78967c6ddb8f8ec47ae047b051

Patch

https://git.kernel.org/stable/c/3b9a33235c773c7a3768060cf1d2cf8a9153bc37

Scores

CVSS v3 5.5

EPSS 0.0023

EPSS Percentile 13.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (15)

linux/Kernel 6.0.0 - 6.1.108linux

linux/Kernel 6.2.0 - 6.6.49linux

linux/Kernel 6.7.0 - 6.10.8linux

Linux/Linux < 6.0

Linux/Linux 5d945cbcd4b16a29d6470a80dfb19738f9a4319f - 093ee72ed35c2338c87c26b6ba6f0b7789c9e14e

Linux/Linux 5d945cbcd4b16a29d6470a80dfb19738f9a4319f - 3b9a33235c773c7a3768060cf1d2cf8a9153bc37

Linux/Linux 5d945cbcd4b16a29d6470a80dfb19738f9a4319f - 49e1b214f3239b78967c6ddb8f8ec47ae047b051

Linux/Linux 5d945cbcd4b16a29d6470a80dfb19738f9a4319f - f6f5e39a3fe7cbdba190f42b28b40bdff03c8cf0

Linux/Linux 6.0

Linux/Linux 6.1.108 - 6.1.*

... and 5 more

Published Sep 13, 2024

Tracked Since Feb 18, 2026