NVD Vulnerability Detail

CVE-2024-43904

Summary	In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing This commit adds null checks for the 'stream' and 'plane' variables in the dcn30_apply_idle_power_optimizations function. These variables were previously assumed to be null at line 922, but they were used later in the code without checking if they were null. This could potentially lead to a null pointer dereference, which would cause a crash. The null checks ensure that 'stream' and 'plane' are not null before they are used, preventing potential crashes. Fixes the below static smatch checker: drivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn30/dcn30_hwseq.c:938 dcn30_apply_idle_power_optimizations() error: we previously assumed 'stream' could be null (see line 922) drivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn30/dcn30_hwseq.c:940 dcn30_apply_idle_power_optimizations() error: we previously assumed 'plane' could be null (see line 922)
Publication Date	Aug. 26, 2024, 8:15 p.m.
Registration Date	Aug. 27, 2024, 5 a.m.
Last Update	Nov. 9, 2024, 1:15 a.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:o:linux:linux_kernel::::::::					6.10.5

Related information, measures and tools

No	URL	タグ
1	https://git.kernel.org/stable/c/16a8a2a839d19c4cf7253642b493ffb8eee1d857	Patch
2	https://git.kernel.org/stable/c/15c2990e0f0108b9c3752d7072a97d45d4283aea	Patch
3	https://git.kernel.org/stable/c/5e84eda48ffb2363437db44bbd0235594f8a58f9
4	https://git.kernel.org/stable/c/10c20d79d59cadfe572480d98cec271a89ffb024

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-476	NULL ポインタデリファレンス	https://cwe.mitre.org/data/definitions/476.html

JVN Vulnerability Information

Linux の Linux Kernel における NULL ポインタデリファレンスに関する脆弱性

Title	Linux の Linux Kernel における NULL ポインタデリファレンスに関する脆弱性
Summary	Linux の Linux Kernel には、NULL ポインタデリファレンスに関する脆弱性が存在します。
Possible impacts	サービス運用妨害 (DoS) 状態にされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	June 5, 2024, midnight
Registration Date	Aug. 29, 2024, 2:50 p.m.
Last Update	Aug. 29, 2024, 2:50 p.m.

Affected System

Linux

Linux Kernel 6.10.5 未満

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2024-43904	https://www.cve.org/CVERecord?id=CVE-2024-43904
National Vulnerability Database (NVD)
2	CVE-2024-43904	https://nvd.nist.gov/vuln/detail/CVE-2024-43904

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-476	http://cwe.mitre.org/data/definitions/476.html

ベンダー情報

No	Name	URL
Kernel.org git repositories
1	drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing (15c2990)	https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=15c2990e0f0108b9c3752d7072a97d45d4283aea
2	drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing (16a8a2a)	https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=16a8a2a839d19c4cf7253642b493ffb8eee1d857
Linux Kernel
3	Linux Kernel Archives	https://www.kernel.org

Change Log

No	Changed Details	Date of change
1	[2024年08月29日] 掲載	Aug. 29, 2024, 2:50 p.m.