PT-2025-3325 · Linux+7 · Linux Kernel+7
Published
2025-01-08
·
Updated
2026-03-14
·
CVE-2024-56778
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A vulnerability has been resolved in the Linux kernel, specifically in the drm/sti module, to avoid the potential dereference of error pointers in
sti hqvdp atomic check. The return value of drm atomic get crtc state() needs to be checked to avoid using the error pointer crtc state in case of failure.Recommendations
To resolve the issue, check the return value of
drm atomic get crtc state() to avoid using the error pointer crtc state in case of failure. As a temporary workaround, consider adding error checking for drm atomic get crtc state() until a patch is available. Restrict access to the vulnerable sti hqvdp atomic check function to minimize the risk of exploitation.Exploit
Fix
Improper Check for Exceptional Conditions
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu