CVE-2024-56538

HIGH

Linux Kernel 5.9-6.6.63, 6.7-6.11.10, 6.12.0-6.12.1 - Use-After-Free in ZynqMP KMS DRM Device Removal

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved:

drm: zynqmp_kms: Unplug DRM device before removal

Prevent userspace accesses to the DRM device from causing use-after-frees by unplugging the device before we remove it. This causes any further userspace accesses to result in an error without further calls into this driver's internals.

Scores

CVSS v3 7.8
EPSS 0.0022
EPSS Percentile 12.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-416
Status published
Products (14)
linux/Kernel 5.9.0 - 6.6.64 (linux)
linux/Kernel 6.12.0 - 6.12.2 (linux)
linux/Kernel 6.7.0 - 6.11.11 (linux)
Linux/Linux < 5.9
Linux/Linux 5.9
Linux/Linux 6.11.11 - 6.11.*
Linux/Linux 6.12.2 - 6.12.*
Linux/Linux 6.13
Linux/Linux 6.6.64 - 6.6.*
Linux/Linux d76271d22694e874ed70791702db9252ffe96a4c - 2e07c88914fc5289c21820b1aa94f058feb38197
... and 4 more
Published Dec 27, 2024
Tracked Since Feb 18, 2026