CVE-2024-46698

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-46698
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-46698.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-46698
Downstream
Published
2024-09-13T06:15:14Z
Modified
2025-08-09T20:01:28Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

video/aperture: optionally match the device in sysfb_disable()

In apertureremoveconflictingpcidevices(), we currently only call sysfb_disable() on vga class devices. This leads to the following problem when the pimary device is not VGA compatible:

  1. A PCI device with a non-VGA class is the boot display
  2. That device is probed first and it is not a VGA device so sysfbdisable() is not called, but the device resources are freed by aperturedetachplatformdevice()
  3. Non-primary GPU has a VGA class and it ends up calling sysfb_disable()
  4. NULL pointer dereference via sysfbdisable() since the resources have already been freed by aperturedetachplatformdevice() when it was called by the other device.

Fix this by passing a device pointer to sysfb_disable() and checking the device to determine if we should execute it or not.

v2: Fix build when CONFIGSCREENINFO is not set v3: Move device check into the mutex Drop primary variable in apertureremoveconflictingpcidevices() Drop _init on pci sysfbpcidevis_enabled()

References

Affected packages