CVE-2024-43899

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.5.0-41-generic #41~22.04.2-Ubuntu

Description The issue is related to a null pointer dereference in the dcn20 resource.c file of the Linux kernel's drm/amd/display module. This vulnerability can cause a hang when running MPV on a DCN401 dGPU with specific settings, such as mpv --hwdec=vaapi --vo=gpu --hwdec-codecs=all, and then enabling fullscreen playback. The call trace shows a kernel NULL pointer dereference at address 0000000000000000.

Recommendations To resolve this issue, update the Linux kernel to a version newer than 6.5.0-41-generic #41~22.04.2-Ubuntu. As a temporary workaround, consider avoiding the use of MPV with the specified settings on affected systems until a patch is available.

Exploit

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALSA-2025_12746

ALSA-2025_12752

ALSA-2025_12753

ALSA-2025_16880

ALT-PU-2025-12647

AZL-48209

AZL-48234

BDU:2025-03092

CVE-2024-43899

ECHO-E2D9-8147-524A

OESA-2024-2123

OESA-2024-2124

OESA-2024-2125

OESA-2024-2126

OPENSUSE-SU-2024_3190-1

OPENSUSE-SU-2024_3209-1

OPENSUSE-SU-2024_3483-1

SUSE-SU-2024:3190-1

SUSE-SU-2024:3194-1

SUSE-SU-2024:3195-1

SUSE-SU-2024:3209-1

SUSE-SU-2024:3383-1

SUSE-SU-2024:3483-1

SUSE-SU-2025:20044-1

SUSE-SU-2025:20047-1

USN-7154-1

USN-7154-2

USN-7155-1

USN-7156-1

USN-7196-1

Affected Products

Alt Linux

Debian

Linuxmint

Linux Kernel

Suse

Ubuntu

CVE-2024-43899

Weakness Enumeration

Related Identifiers

Affected Products

References · 1894