CVE-2024-26661

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-26661
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26661.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-26661
Downstream
Related
Published
2024-04-02T06:22:10.989Z
Modified
2025-11-15T16:36:15.261608Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()'
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Add NULL test for 'timing generator' in 'dcn21setpipe()'

In "u32 otginst = pipectx->streamres.tg->inst;" pipectx->stream_res.tg could be NULL, it is relying on the caller to ensure the tg is not NULL.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
474ac4a875ca6fea3fc5183d3ad22ef7523dca53
Fixed
3f3c237a706580326d3b7a1b97697e5031ca4667
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
474ac4a875ca6fea3fc5183d3ad22ef7523dca53
Fixed
39f24c08363af1cd945abad84e3c87fd3e3c845a
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
474ac4a875ca6fea3fc5183d3ad22ef7523dca53
Fixed
66951d98d9bf45ba25acf37fe0747253fafdf298

Affected versions

v5.*

v5.10
v5.10-rc1
v5.10-rc2
v5.10-rc3
v5.10-rc4
v5.10-rc5
v5.10-rc6
v5.10-rc7
v5.11
v5.11-rc1
v5.11-rc2
v5.11-rc3
v5.11-rc4
v5.11-rc5
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v5.7
v5.7-rc3
v5.7-rc4
v5.7-rc5
v5.7-rc6
v5.7-rc7
v5.8
v5.8-rc1
v5.8-rc2
v5.8-rc3
v5.8-rc4
v5.8-rc5
v5.8-rc6
v5.8-rc7
v5.9
v5.9-rc1
v5.9-rc2
v5.9-rc3
v5.9-rc4
v5.9-rc5
v5.9-rc6
v5.9-rc7
v5.9-rc8

v6.*

v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.2
v6.6.3
v6.6.4
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.7.1
v6.7.2
v6.7.3
v6.7.4
v6.8-rc1
v6.8-rc2
v6.8-rc3

Database specific

vanir_signatures

[
    {
        "signature_type": "Function",
        "deprecated": false,
        "id": "CVE-2024-26661-012a7cac",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@39f24c08363af1cd945abad84e3c87fd3e3c845a",
        "digest": {
            "length": 550.0,
            "function_hash": "172753256738309606028080363895692116654"
        },
        "signature_version": "v1",
        "target": {
            "function": "dcn21_set_pipe",
            "file": "drivers/gpu/drm/amd/display/dc/hwss/dcn21/dcn21_hwseq.c"
        }
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "id": "CVE-2024-26661-335e59c7",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3f3c237a706580326d3b7a1b97697e5031ca4667",
        "digest": {
            "line_hashes": [
                "103459866379634607185666535213224106915",
                "302860587404737845960496624366546939615",
                "58051394791945270381505582628593632686",
                "5114128034712627421033506101768396261",
                "121767330996908351713667860294906191972",
                "204698591387138702403514004413830999974",
                "314262770337960440266272306067486439303",
                "138003695621119368038317959435475556729",
                "15343918234309188418029888442821938614",
                "71644065300810048258874436346543864895",
                "90236364334416624073531632030626196993",
                "83288493378605872441637195668091726838",
                "336751798893247152623508245971211355788",
                "228067341677539797223977987191154258924",
                "155410406764649433546052315855737208621",
                "134738607091744254887250322502221628324",
                "39476447032936911524909802581216549778",
                "94533454769271157054387361397887667225",
                "261899446754222989368043374533094959015",
                "128999502843850703382194775109254084785",
                "245230569419630055200783197253981279873",
                "142756719365307059617442292294672670107",
                "338224859108277854122735399123194226775"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "target": {
            "file": "drivers/gpu/drm/amd/display/dc/dcn21/dcn21_hwseq.c"
        }
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "id": "CVE-2024-26661-83fca6e1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3f3c237a706580326d3b7a1b97697e5031ca4667",
        "digest": {
            "length": 550.0,
            "function_hash": "172753256738309606028080363895692116654"
        },
        "signature_version": "v1",
        "target": {
            "function": "dcn21_set_pipe",
            "file": "drivers/gpu/drm/amd/display/dc/dcn21/dcn21_hwseq.c"
        }
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "id": "CVE-2024-26661-e80934a3",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@39f24c08363af1cd945abad84e3c87fd3e3c845a",
        "digest": {
            "line_hashes": [
                "103459866379634607185666535213224106915",
                "302860587404737845960496624366546939615",
                "58051394791945270381505582628593632686",
                "5114128034712627421033506101768396261",
                "121767330996908351713667860294906191972",
                "204698591387138702403514004413830999974",
                "314262770337960440266272306067486439303",
                "138003695621119368038317959435475556729",
                "15343918234309188418029888442821938614",
                "71644065300810048258874436346543864895",
                "90236364334416624073531632030626196993",
                "83288493378605872441637195668091726838",
                "336751798893247152623508245971211355788",
                "228067341677539797223977987191154258924",
                "155410406764649433546052315855737208621",
                "134738607091744254887250322502221628324",
                "39476447032936911524909802581216549778",
                "94533454769271157054387361397887667225",
                "261899446754222989368043374533094959015",
                "128999502843850703382194775109254084785",
                "245230569419630055200783197253981279873",
                "142756719365307059617442292294672670107",
                "338224859108277854122735399123194226775"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "target": {
            "file": "drivers/gpu/drm/amd/display/dc/hwss/dcn21/dcn21_hwseq.c"
        }
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.9.0
Fixed
6.6.17
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.7.5