In the Linux kernel, the following vulnerability has been resolved:
drm/mediatek: Fix potential NULL dereference in mtkcrtcdestroy()
In mtkcrtccreate(), if the call to mboxrequestchannel() fails then we set the "mtkcrtc->cmdqclient.chan" pointer to NULL. In that situation, we do not call cmdqpktcreate().
During the cleanup, we need to check if the "mtkcrtc->cmdqclient.chan" is NULL first before calling cmdqpktdestroy(). Calling cmdqpktdestroy() is unnecessary if we didn't call cmdqpktcreate() and it will result in a NULL pointer dereference.
[
{
"digest": {
"line_hashes": [
"72481232073151582452707363088556397665",
"325509875762908446733609363187667130205",
"159316455806939361083650868282808611725",
"189688784195472177154891988630074532174",
"60419235693449890196904181695599956829"
],
"threshold": 0.9
},
"id": "CVE-2024-53056-3d264f64",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4018651ba5c409034149f297d3dd3328b91561fd",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "drivers/gpu/drm/mediatek/mtk_crtc.c"
},
"signature_type": "Line"
},
{
"digest": {
"function_hash": "257072547661074946462797268821148616529",
"length": 475.0
},
"id": "CVE-2024-53056-6d57e397",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4018651ba5c409034149f297d3dd3328b91561fd",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "mtk_crtc_destroy",
"file": "drivers/gpu/drm/mediatek/mtk_crtc.c"
},
"signature_type": "Function"
},
{
"digest": {
"function_hash": "257072547661074946462797268821148616529",
"length": 475.0
},
"id": "CVE-2024-53056-8c1b0231",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c60583a87cb4a85b69d1f448f0be5eb6ec62cbb2",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "mtk_crtc_destroy",
"file": "drivers/gpu/drm/mediatek/mtk_crtc.c"
},
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"72481232073151582452707363088556397665",
"325509875762908446733609363187667130205",
"159316455806939361083650868282808611725",
"189688784195472177154891988630074532174",
"60419235693449890196904181695599956829"
],
"threshold": 0.9
},
"id": "CVE-2024-53056-f7688868",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c60583a87cb4a85b69d1f448f0be5eb6ec62cbb2",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "drivers/gpu/drm/mediatek/mtk_crtc.c"
},
"signature_type": "Line"
}
]