PT-2024-35648 · Linux+3 · Linux Kernel+3

Published

2024-11-05

Updated

2025-04-24

CVE-2024-53201

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A null pointer dereference issue in the dcn20 program pipe() function has been resolved. The issue occurred because the pipe ctx->plane state was accessed without proper null checks, leading to potential null pointer dereference issues. The problem was partially fixed by a previous commit, but the dcn20 update dchubp dpp() function still passed the pipe ctx variable and accessed plane state through it, causing the issue to persist. The patch adds necessary null checks to ensure stability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

AZL-55294

BDU:2025-07868

CVE-2024-53201

OESA-2025-1093

OESA-2025-1095

OESA-2025-1096

OESA-2025-1097

OPENSUSE-SU-2025_0117-1

OPENSUSE-SU-2025_0153-1

OPENSUSE-SU-2025_0154-1

SUSE-SU-2025:0117-1

SUSE-SU-2025:0153-1

SUSE-SU-2025:0154-1

SUSE-SU-2025:0289-1

SUSE-SU-2025:20165-1

SUSE-SU-2025:20166-1

SUSE-SU-2025:20248-1

SUSE-SU-2025:20249-1

USN-7310-1

USN-7449-1

USN-7449-2

USN-7450-1

USN-7451-1

USN-7452-1

USN-7453-1

Affected Products

Linuxmint

Linux Kernel

Suse

Ubuntu

PT-2024-35648 · Linux+3 · Linux Kernel+3

CVE-2024-53201

Weakness Enumeration

Related Identifiers

Affected Products

References · 2499