CVE-2024-27040

May 1, 2024, 7:50 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add 'replay' NULL check in 'edp_set_replay_allow_active()' In the first if statement, we're checking if 'replay' is NULL. But in the second if statement, we're not checking if 'replay' is NULL again before calling replay->funcs->replay_set_power_opt(). if (replay == NULL && force_static) return false; ... if (link->replay_settings.replay_feature_enabled && replay->funcs->replay_set_power_opt) { replay->funcs->replay_set_power_opt(replay, *power_opts, panel_inst); link->replay_settings.replay_power_opt_active = *power_opts; } If 'replay' is NULL, this will cause a null pointer dereference. Fixes the below found by smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/link/protocols/link_edp_panel_control.c:895 edp_set_replay_allow_active() error: we previously assumed 'replay' could be null (see line 887)

Product(s) Impacted

Product Versions
Linux kernel

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/d0e94f4807ff0df66cf447d6b4bbb8ac830e99c3
https://git.kernel.org/stable/c/e7cadd5d3a8ffe334d0229ba9eda4290138d56e7
https://git.kernel.org/stable/c/f610c46771ef1047e46d61807aa7c69cd29e63d8
https://git.kernel.org/stable/c/f6aed043ee5d75b3d1bfc452b1a9584b63c8f76b

Tags

2024-05-01
416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVE-2024-27040

Timeline

Published: May 1, 2024, 1:15 p.m.
Last Modified: May 1, 2024, 7:50 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.