CVE-2024-35790

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the DisplayPort driver's sysfs nodes being present to the userspace before the completion of typec altmode set drvdata() in dp altmode probe(). This can trigger a NULL pointer error by deferencing dp->hpd in hpd show() or dp->lock in pin assignment show(), as dev get drvdata() returns NULL in those cases. The problem is resolved by removing manual sysfs node creation in favor of adding an attribute group as default for devices bound to the driver.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALSA-2024:5101

ALSA-2024:5102

ALSA-2025_16880

AZL-57802

BDU:2025-12228

CESA-2024_5101

CESA-2024_5102

CVE-2024-35790

DLA-4271-1

DLA-4327-1

DSA-5925-1

ECHO-FAB0-5C4A-ABB5

INFSA-2024_5101

INFSA-2024_5102

OESA-2024-1706

OESA-2024-1707

OPENSUSE-SU-2024_2372-1

OPENSUSE-SU-2024_2394-1

RHSA-2024:5101

RHSA-2024:5102

RHSA-2024_5101

RHSA-2024_5102

RHSA-2025:10701

RLSA-2024:5101

RLSA-2024:5102

RXSA-2024:5101

SUSE-SU-2024:2135-1

SUSE-SU-2024:2203-1

SUSE-SU-2024:2372-1

SUSE-SU-2024:2394-1

SUSE-SU-2024:2939-1

SUSE-SU-2024:2973-1

SUSE-SU-2025:02334-1

SUSE-SU-2025:20008-1

SUSE-SU-2025:20028-1

SUSE-SU-2025:20166-1

SUSE-SU-2025:20249-1

SUSE-SU-2025_02334-1

USN-7654-1

USN-7654-2

USN-7654-3

USN-7654-4

USN-7654-5

USN-7655-1

USN-7686-1

USN-7711-1

USN-7712-1

USN-7712-2

Affected Products

Almalinux

Astra Linux

Centos

Debian

Linuxmint

Linux Kernel

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

CVE-2024-35790

Weakness Enumeration

Related Identifiers

Affected Products

References · 4556