CVE-2024-45015

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue arises when the crtc's connectors changed is set without enable/active getting toggled, resulting in an atomic enable() call followed by an atomic disable() but without an atomic mode set(). This leads to a NULL pointer access for the dpu encoder get drm fmt() call in the atomic enable() as the dpu encoder's connector was cleared in the atomic disable() but not re-assigned due to the lack of an atomic mode set() call. The fix involves moving the assignment for atomic enable() and using drm atomic get new connector for encoder() to get the connector from the atomic state.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALSA-2025_16880

ALT-PU-2024-13260

ALT-PU-2024-13979

ALT-PU-2024-14046

AZL-49176

AZL-49248

BDU:2025-03756

CVE-2024-45015

ECHO-F35D-32AB-4A26

OESA-2025-1729

OPENSUSE-SU-2024_3551-1

OPENSUSE-SU-2024_3561-1

OPENSUSE-SU-2024_3564-1

OPENSUSE-SU-2024_3587-1

OPENSUSE-SU-2024_3592-1

SUSE-SU-2024:3551-1

SUSE-SU-2024:3553-1

SUSE-SU-2024:3561-1

SUSE-SU-2024:3564-1

SUSE-SU-2024:3569-1

SUSE-SU-2024:3587-1

SUSE-SU-2024:3592-1

SUSE-SU-2025:20073-1

SUSE-SU-2025:20077-1

USN-7154-1

USN-7154-2

USN-7155-1

USN-7156-1

USN-7196-1

Affected Products

Alt Linux

Debian

Linuxmint

Linux Kernel

Suse

Ubuntu

CVE-2024-45015

Weakness Enumeration

Related Identifiers

Affected Products

References · 1151