PT-2024-32216 · Linux+7 · Linux Kernel+7

Published

2024-06-10

·

Updated

2026-03-14

·

CVE-2024-46810

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.10.8
Description The issue is related to a null pointer dereference in the Linux kernel, specifically in the drm/bridge component, tc358767. It occurs when the connector is not fully initialized before signalling HPD events via the drm kms helper hotplug event() function. This may lead to a null pointer dereference. The estimated number of potentially affected devices is not specified. There is no information about real-world incidents where this issue was exploited.
Recommendations To resolve the issue, upgrade the Linux kernel to version 6.10.8 or later. As a temporary workaround, consider restricting access to the vulnerable drm kms helper hotplug event() function until a patch is available. Avoid using the drm/bridge component, specifically the tc358767 module, in the affected Linux kernel versions until the issue is resolved.

Exploit

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALSA-2025_16880
ALT-PU-2024-13979
ALT-PU-2024-14046
BDU:2025-01658
CVE-2024-46810
DLA-4008-1
DSA-5782-1
OESA-2024-2296
OPENSUSE-SU-2024_3984-1
OPENSUSE-SU-2024_3986-1
OPENSUSE-SU-2024_4315-1
OPENSUSE-SU-2024_4376-1
SUSE-SU-2024:3984-1
SUSE-SU-2024:3986-1
SUSE-SU-2024:4315-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4364-1
SUSE-SU-2024:4376-1
SUSE-SU-2024:4387-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1
USN-7100-1
USN-7100-2
USN-7123-1
USN-7144-1
USN-7154-1
USN-7154-2
USN-7155-1
USN-7156-1
USN-7194-1
USN-7196-1

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu