CVE-2024-49907

MEDIUM

Linux Kernel - NULL Pointer Dereference in AMD Display Clock Manager

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointers before using dc->clk_mgr [WHY & HOW] dc->clk_mgr is null checked previously in the same function, indicating it might be null. Passing "dc" to "dc->hwss.apply_idle_power_optimizations", which dereferences null "dc->clk_mgr". (The function pointer resolves to "dcn35_apply_idle_power_optimizations".) This fixes 1 FORWARD_NULL issue reported by Coverity.

References (9)

Core 9

Scores

CVSS v3 5.5
EPSS 0.0024
EPSS Percentile 15.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-476
Status published
Products (23)
linux/Kernel 4.15.0 - 5.10.227linux
linux/Kernel 5.11.0 - 5.15.168linux
linux/Kernel 5.16.0 - 6.1.113linux
linux/Kernel 6.11.0 - 6.11.3linux
linux/Kernel 6.2.0 - 6.6.55linux
linux/Kernel 6.7.0 - 6.10.14linux
Linux/Linux < 4.15
Linux/Linux 4.15
Linux/Linux 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c - 3f7e533c10db3d0158709a99e2129ff63add6bcd
Linux/Linux 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c - 5ba3fbf75b243b2863a8be9e7c393e003d3b88f3
... and 13 more
Published Oct 21, 2024
Tracked Since Feb 18, 2026