CVE-2024-27041

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-27041
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-27041.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-27041
Downstream
Related
Published
2024-05-01T12:54:04.111Z
Modified
2025-11-28T02:35:16.916932Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
drm/amd/display: fix NULL checks for adev->dm.dc in amdgpu_dm_fini()
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: fix NULL checks for adev->dm.dc in amdgpudmfini()

Since 'adev->dm.dc' in amdgpudmfini() might turn out to be NULL before the call to dcenabledmub_notifications(), check beforehand to ensure there will not be a possible NULL-ptr-deref there.

Also, since commit 1e88eb1b2c25 ("drm/amd/display: Drop CONFIGDRMAMDDCHDCP") there are two separate checks for NULL in 'adev->dm.dc' before dcdeinitcallbacks() and dcdmubsrv_destroy(). Clean up by combining them all under one 'if'.

Found by Linux Verification Center (linuxtesting.org) with static analysis tool SVACE.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/27xxx/CVE-2024-27041.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
81927e2808be5adace93c2012d45d6938d3a7aa0
Fixed
e040f1fbe9abae91b12b074cfc3bbb5367b79811
Fixed
ca2eb375db76fd50f31afdd67d6ca4f833254957
Fixed
1c62697e4086de988b31124fb8c79c244ea05f2b
Fixed
2a3cfb9a24a28da9cc13d2c525a76548865e182c

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.14.0
Fixed
6.6.23
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.7.11
Type
ECOSYSTEM
Events
Introduced
6.8.0
Fixed
6.8.2