CVE-2024-49898 Information

Description

In the Linux kernel the following vulnerability has been resolved:

drm/amd/display: Check null-initialized variables

[WHAT & HOW] drr_timing and subvp_pipe are initialized to null and they are not always assigned new values. It is necessary to check for null before dereferencing.

This fixes 2 FORWARD_NULL issues reported by Coverity.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Reference

https://git.kernel.org/stable/c/3fc70ae048fe0936761b73b50700a810ff61e853 https://git.kernel.org/stable/c/115b1a3b0944b4d8ef0b4b0c5a625bdd9474131f https://git.kernel.org/stable/c/367cd9ceba1933b63bc1d87d967baf6d9fd241d2

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

5.5