PT-2024-30690 · Linux+6 · Linux Kernel+6
Published: 2024-06-26 · Updated: 2025-09-29
CVE-2024-43829
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6.50
Description
The issue is related to a NULL pointer dereference in the Linux kernel, specifically in the drm/qxl component. The problem arises when the drm_cvt_mode() function fails, and its return value is not properly checked, leading to a potential NULL pointer dereference. This issue has been resolved by adding a check for the return value of drm_cvt_mode() and returning an error if it fails.
Recommendations
To resolve this issue, update the Linux kernel to version 6.6.50 or later. As a temporary workaround, consider disabling the drm_cvt_mode() function until a patch is available. However, this might have unintended consequences on the system's functionality, so it should be done with caution.
Exploit
Fix
NULL Pointer Dereference
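The missing return-value check from the Description, as an added userspace model (not kernel code and not the upstream patch). model_cvt_mode(), the add_mode_* functions and the fail_next_alloc switch are hypothetical stand-ins, and -ENOMEM is an assumed error value; the injected failure exercises the error path that the unchecked form turns into a NULL dereference.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

struct mode { int hdisplay, vdisplay, preferred; };

int fail_next_alloc; /* fault-injection switch: next allocation fails */

/* Hypothetical stand-in for a mode-allocating helper like drm_cvt_mode(). */
struct mode *model_cvt_mode(int w, int h)
{
    struct mode *m;
    if (fail_next_alloc) { fail_next_alloc = 0; return NULL; }
    m = calloc(1, sizeof(*m));
    if (m) { m->hdisplay = w; m->vdisplay = h; }
    return m;
}

/* "Before" shape, shown for contrast and never called here: the result is
 * used unchecked, so a failed allocation becomes a NULL dereference. */
int add_mode_unchecked(struct mode **out, int w, int h, int preferred)
{
    struct mode *m = model_cvt_mode(w, h);
    m->preferred = preferred; /* faults when m == NULL */
    *out = m;
    return 0;
}

/* "After" shape: check the return value and return an error on failure. */
int add_mode_checked(struct mode **out, int w, int h, int preferred)
{
    struct mode *m = model_cvt_mode(w, h);
    if (!m)
        return -ENOMEM;
    m->preferred = preferred;
    *out = m;
    return 0;
}

int main(void)
{
    struct mode *m = NULL;
    fail_next_alloc = 1; /* force the failure path */
    printf("injected failure -> %d\n", add_mode_checked(&m, 1024, 768, 1));
    printf("normal path      -> %d\n", add_mode_checked(&m, 1024, 768, 1));
    free(m);
    return 0;
}
```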
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu