Bug 2271797 (CVE-2024-26648) - CVE-2024-26648 kernel: NULL check in edp_setup_replay()
Summary: CVE-2024-26648 kernel: NULL check in edp_setup_replay()
Keywords:
Status: NEW
Alias: CVE-2024-26648
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2271800
Blocks: 2271782
TreeView+ depends on / blocked
 
Reported: 2024-03-27 11:43 UTC by Rohit Keshri
Modified: 2024-04-16 15:00 UTC (History)
50 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description Rohit Keshri 2024-03-27 11:43:42 UTC 
In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Fix variable deferencing before NULL check in edp_setup_replay()

In edp_setup_replay(), 'struct dc *dc' & 'struct dmub_replay *replay'
was dereferenced before the pointer 'link' & 'replay' NULL check.

Fixes the below:
drivers/gpu/drm/amd/amdgpu/../display/dc/link/protocols/link_edp_panel_control.c:947 edp_setup_replay() warn: variable dereferenced before check 'link' (see line 933)

https://git.kernel.org/stable/c/22ae604aea14756954e1c00ae653e34d2afd2935
https://git.kernel.org/stable/c/7073934f5d73f8b53308963cee36f0d389ea857c
https://git.kernel.org/stable/c/c02d257c654191ecda1dc1af6875d527e85310e7
Comment 1 Mauro Matteo Cascella 2024-03-27 11:49:49 UTC 
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2271800]
Comment 4 Justin M. Forbes 2024-03-27 20:26:13 UTC 
This was fixed for Fedora with the 6.7.3 stable kernel updates.
Note You need to log in before you can comment on or make changes to this bug.