Fangzhi Zuo

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.6.50 **Description** A vulnerability in the Linux kernel has been resolved, specifically in the drm/amd/display component. The issue involves a NULL pointer dereference under mst + dsc setup, which can cause a kernel crash. The vulnerability occurs when the `drm dp atomic find time slots` function is called without properly checking for the existence of a stream on the link. To fix this, the kernel should skip recomputing DSC parameters if no mode change is detected on the new request. If a mode change is detected, the kernel should check whether the stream is already in the current state or not. **Recommendations** To resolve this issue, update the Linux kernel to version 6.6.50 or later. This update includes the fix for the vulnerability, which prevents the NULL pointer dereference and ensures proper handling of DSC parameters.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.6.58 **Description** The issue is related to a NULL pointer dereference in the Linux kernel, specifically in the drm/amd/display component. This occurs when there is an attempt to recompute DSC parameters without a stream on the link. The problem arises under certain conditions involving MST (Multi-Stream Transport) and DSC (Display Stream Compression) setup. Technical details indicate that the `drm dp atomic find time slots` function is involved, suggesting a potential issue with how time slots are managed for display port atomic operations. There is no information provided about the estimated number of potentially affected devices or real-world incidents where this issue was exploited. **Recommendations** To resolve the issue, update the Linux kernel to version 6.6.58 or later. As a temporary workaround, consider disabling the `drm dp atomic find time slots` function until a patch is available. However, this is not a recommended long-term solution due to potential impacts on display functionality.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.3.9-arch1-1 **Description** The Linux kernel has a vulnerability in the drm/amd/display module, specifically in the function `drm dp atomic find time slots`. This vulnerability is caused by a NULL pointer dereference, which can lead to a kernel crash. The issue is specific to the RV platform and is triggered by a BUG: kernel NULL pointer dereference, address: 0000000000000008. The vulnerability is related to the `compute mst dsc configs for link` and `compute mst dsc configs for state` functions in the amdgpu module. **Recommendations** To resolve this issue, update the Linux kernel to a version that includes the fix for this vulnerability. Specifically, update to a version later than 6.3.9-arch1-1. If an update is not available, consider temporarily disabling the `drm dp atomic find time slots` function or restricting access to the vulnerable module until a patch is available.