CVE-2024-27044 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential NULL pointer dereferences in 'dcn10_set_output_transfer_func()' The 'stream' pointer is used in dcn10_set_output_transfer_func() before the check if 'stream' is NULL. Fixes the below: drivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn10/dcn10_hwseq.c:1892 dcn10_set_output_transfer_func() warn: variable dereferenced before check 'stream' (see line 1875)

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Debian	Debian Linux
Linux	Linux Kernel

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://git.kernel.org/stable/c/14613d52bc7fc180df6d2c65ba65fc921fc1dda7
https://git.kernel.org/stable/c/29fde8895b2fcc33f44aea28c644ce2d9b62f9e0
https://git.kernel.org/stable/c/2d9fe7787af01188dc470a649bdbb842d6511fd7
https://git.kernel.org/stable/c/330caa061af53ea6d287d7c43d0703714e510e08
https://git.kernel.org/stable/c/6ac7c7a3a9ab57aba0fe78ecb922d2b20e16efeb
https://git.kernel.org/stable/c/7874ab3105ca4657102fee1cc14b0af70883c484
https://git.kernel.org/stable/c/9ccfe80d022df7c595f1925afb31de2232900656
https://git.kernel.org/stable/c/e019d87e02f1e539ae48b99187f253847744ca7a
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lore.kernel.org/linux-cve-announce/2024050113-CVE-2024-27044-7e0e@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-27044
https://www.cve.org/CVERecord?id=CVE-2024-27044

History

Mon, 23 Dec 2024 14:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Debian Debian debian Linux Linux Linux linux Kernel
Weaknesses		CWE-476
CPEs		cpe:2.3:o:debian:debian_linux:10.0:::::::* cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Debian Debian debian Linux Linux Linux linux Kernel

Fri, 22 Nov 2024 12:00:00 +0000

Type	Values Removed	Values Added
References		https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

Tue, 05 Nov 2024 10:45:00 +0000

Type	Values Removed	Values Added
References	https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-05-01T12:54:14.695Z

Updated: 2024-12-19T08:53:15.321Z

Reserved: 2024-02-19T14:20:24.213Z

Link: CVE-2024-27044

Vulnrichment

Updated: 2024-08-02T00:21:06.019Z

NVD

Status : Analyzed

Published: 2024-05-01T13:15:49.783

Modified: 2024-12-23T14:12:17.657

Link: CVE-2024-27044

Redhat

Severity : Moderate

Publid Date: 2024-05-01T00:00:00Z

Links: CVE-2024-27044 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object