AZL-67478

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-67478.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-67478

Upstream

CVE-2024-26938

Published

2024-05-01T06:15:09Z

Modified

2026-04-01T05:21:13.670208Z

Summary

CVE-2024-26938 affecting package kernel 5.15.200.1-1

Details

In the Linux kernel, the following vulnerability has been resolved:

drm/i915/bios: Tolerate devdata==NULL in intelbiosencodersupportsdpdualmode()

If we have no VBT, or the VBT didn't declare the encoder in question, we won't have the 'devdata' for the encoder. Instead of oopsing just bail early.

We won't be able to tell whether the port is DP++ or not, but so be it.

(cherry picked from commit 26410896206342c8a80d2b027923e9ee7d33b733)

References

https://nvd.nist.gov/vuln/detail/CVE-2024-26938

Affected packages

Azure Linux:2 / kernel

Package

Name: kernel
Purl: pkg:rpm/azure-linux/kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

5.15.200.1-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-67478.json"