CVE-2024-36897

New request from KMD/VBIOS in order to support new UMA carveout model. This fixes a null dereference from accessing Ctx->dcbios->integratedinfo while it was NULL.

DAL parses through the BIOS and extracts the necessary integrated_info but was missing a case for the new BIOS version 2.3.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/36xxx/CVE-2024-36897.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c

Fixed

3c7013a87124bab54216d9b99f77e8b6de6fbc1a

Fixed

02f5300f6827206f6e48a77f51e6264993695e5c

Fixed

7e3030774431eb093165a31baff040d35446fb8b

Fixed

c2797ec16d9072327e7578d09ee05bcab52fffd0

Fixed

9a35d205f466501dcfe5625ca313d944d0ac2d60

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-36897.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

4.15.0

Fixed

5.15.159

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.91

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.31

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.8.10

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-36897.json"