PT-2024-3402 · Linux · Linux Kernel

Published: 2024-02-22 · Updated: 2025-01-07 · CVE-2024-26728

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.5.0-asdn+
Description: The vulnerability is a null-pointer dereference in the Linux kernel's drm/amd/display module. It occurs when the kernel attempts to read EDID (Extended Display Identification Data) from a display device without properly checking whether the required data is available. The issue arises when running the igt@kms_force_connector_basic test on a system with DCN2.1 and an HDMI connector. This can lead to a kernel crash or potentially allow an attacker to execute arbitrary code.
Recommendations: To resolve this issue, update the Linux kernel to a version that includes the fix for the null-pointer dereference in the drm/amd/display module. Specifically, versions 6.5.0-asdn+ and later should include this fix. Ensure that all affected systems are updated to prevent potential exploitation of this vulnerability.

Weakness Enumeration: NULL Pointer Dereference

Related Identifiers

BDU:2024-03674
CVE-2024-26728

Affected Products

Linux Kernel