PT-2024-30753 · Linux+7 · Linux Kernel+7

Fangzhi Zuo

·

Published

2024-07-12

·

Updated

2026-01-12

·

CVE-2024-43895

CVSS v2.0

7.5

High

VectorAV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.50
Description A vulnerability in the Linux kernel has been resolved, specifically in the drm/amd/display component. The issue involves a NULL pointer dereference under mst + dsc setup, which can cause a kernel crash. The vulnerability occurs when the drm dp atomic find time slots function is called without properly checking for the existence of a stream on the link. To fix this, the kernel should skip recomputing DSC parameters if no mode change is detected on the new request. If a mode change is detected, the kernel should check whether the stream is already in the current state or not.
Recommendations To resolve this issue, update the Linux kernel to version 6.6.50 or later. This update includes the fix for the vulnerability, which prevents the NULL pointer dereference and ensures proper handling of DSC parameters.

Exploit

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALSA-2025_16880
ALT-PU-2024-11855
ALT-PU-2024-11863
ALT-PU-2024-13121
ALT-PU-2024-13979
ALT-PU-2024-14046
BDU:2025-03090
CVE-2024-43895
DLA-4008-1
MGASA-2024-0309
MGASA-2024-0310
OESA-2024-2124
OPENSUSE-SU-2024_3190-1
OPENSUSE-SU-2024_3209-1
OPENSUSE-SU-2024_3483-1
SUSE-SU-2024:3190-1
SUSE-SU-2024:3194-1
SUSE-SU-2024:3195-1
SUSE-SU-2024:3209-1
SUSE-SU-2024:3383-1
SUSE-SU-2024:3483-1
SUSE-SU-2025:20044-1
SUSE-SU-2025:20047-1
USN-7154-1
USN-7154-2
USN-7155-1
USN-7156-1
USN-7196-1

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu