Bug 2309786 (CVE-2024-44955) - CVE-2024-44955 kernel: drm/amd/display: Don't refer to dc_sink in is_dsc_need_re_compute
Summary: CVE-2024-44955 kernel: drm/amd/display: Don't refer to dc_sink in is_dsc_need...
Keywords:
Status: NEW
Alias: CVE-2024-44955
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
unspecified
unspecified
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2309876
Blocks:
TreeView+ depends on / blocked
 
Reported: 2024-09-04 19:20 UTC by OSIDB Bzimport
Modified: 2025-11-07 12:59 UTC (History)
4 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description OSIDB Bzimport 2024-09-04 19:20:46 UTC 
In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Don't refer to dc_sink in is_dsc_need_re_compute

[Why]
When unplug one of monitors connected after mst hub, encounter null pointer dereference.

It's due to dc_sink get released immediately in early_unregister() or detect_ctx(). When
commit new state which directly referring to info stored in dc_sink will cause null pointer
dereference.

[how]
Remove redundant checking condition. Relevant condition should already be covered by checking
if dsc_aux is null or not. Also reset dsc_aux to NULL when the connector is disconnected.
Comment 1 Robb Gatica 2024-09-04 20:25:31 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2024090412-CVE-2024-44955-20e8@gregkh/T
Comment 2 TEJ RATHI 2025-08-20 11:55:43 UTC 
This CVE has been rejected by the Linux kernel community. Refer to the announcement: https://lore.kernel.org/linux-cve-announce/2025061907-REJECTED-1ba2@gregkh/

Comment added by: Automated Script
Note You need to log in before you can comment on or make changes to this bug.