CVE-2024-42101

MEDIUM EPSS 17.4%
Published Jul 30, 20241y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Jul 30, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes In nouveau_connector_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer dereference on failure of drm_mode_duplicate(). Add a check to avoid npd.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
17.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 7

VendorProductVersionRange
linuxlinux_kernel*≥2.6.33  –  <4.19.318
linuxlinux_kernel*≥4.20  –  <5.4.280
linuxlinux_kernel*≥5.5  –  <5.10.222
linuxlinux_kernel*≥5.11  –  <5.15.163
linuxlinux_kernel*≥5.16  –  <6.1.98
linuxlinux_kernel*≥6.2  –  <6.6.39
linuxlinux_kernel*≥6.7  –  <6.9.9

References 9

  • git.kernel.org https://git.kernel.org/stable/c/1f32535238493008587a8c5cb17eb2ca097592ef
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/274cba8d2d1b48c72d8bd90e76c9e2dc1aa0a81d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/744b229f09134ccd091427a6f9ea6d97302cfdd9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7db5411c5d0bd9c29b8c2ad93c36b5c16ea46c9e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/80bec6825b19d95ccdfd3393cf8ec15ff2a749b4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9baf60323efa992b7c915094529f0a1882c34e7e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e36364f5f3785d054a94e57e971385284886d41a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f48dd3f19614022f2e1b794fbd169d2b4c398c07
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/1f32535238493008587a8c5cb17eb2ca097592ef
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/274cba8d2d1b48c72d8bd90e76c9e2dc1aa0a81d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/744b229f09134ccd091427a6f9ea6d97302cfdd9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7db5411c5d0bd9c29b8c2ad93c36b5c16ea46c9e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/80bec6825b19d95ccdfd3393cf8ec15ff2a749b4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9baf60323efa992b7c915094529f0a1882c34e7e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e36364f5f3785d054a94e57e971385284886d41a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f48dd3f19614022f2e1b794fbd169d2b4c398c07
    Patch