PT-2024-9776 · Linux+5 · Linux Kernel+5

Published

2024-04-25

·

Updated

2025-02-03

·

CVE-2024-40916

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.9.0-rc5-next-20240424
Description: The vulnerability is related to the Linux kernel's DRM (Direct Rendering Manager) core, specifically the Exynos HDMI driver. When the EDID (Extended Display Identification Data) reading fails, the DRM core adds an artificial 1024x786 mode to the connector. However, some variants of the Exynos HDMI, like the one in Exynos4 SoCs, are not able to drive this mode. To fix this issue, the kernel now reports a safe 640x480 mode as a fallback when no EDID is found.
Recommendations: To resolve this issue, update the Linux kernel to a version newer than 6.9.0-rc5-next-20240424. If updating is not possible, consider disabling the Exynos HDMI driver or restricting its use to minimize the risk of exploitation.

Exploit

Fix

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-667

Related Identifiers

BDU:2024-11522
CVE-2024-40916
DLA-4008-1
DSA-5730-1
DSA-5731-1
OESA-2024-1897
OPENSUSE-SU-2024_2947-1
SUSE-SU-2024:2894-1
SUSE-SU-2024:2939-1
SUSE-SU-2024:2947-1
SUSE-SU-2024:3194-1
SUSE-SU-2024:3195-1
SUSE-SU-2024:3383-1
SUSE-SU-2025:20044-1
SUSE-SU-2025:20047-1
USN-6999-1
USN-6999-2
USN-7003-1
USN-7003-2
USN-7003-3
USN-7003-4
USN-7003-5
USN-7004-1
USN-7005-1
USN-7005-2
USN-7006-1
USN-7007-1
USN-7007-2
USN-7007-3
USN-7008-1
USN-7009-1
USN-7009-2
USN-7019-1
USN-7029-1

Affected Products

Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu