CVE-2024-42309

MEDIUM EPSS 13.2%
Published Aug 17, 20241y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Aug 17, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes In psb_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer dereference on failure of drm_mode_duplicate(). Add a check to avoid npd.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
13.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 7

VendorProductVersionRange
linuxlinux_kernel*≥3.3  –  <4.19.320
linuxlinux_kernel*≥4.20  –  <5.4.282
linuxlinux_kernel*≥5.5  –  <5.10.224
linuxlinux_kernel*≥5.11  –  <5.15.165
linuxlinux_kernel*≥5.16  –  <6.1.103
linuxlinux_kernel*≥6.2  –  <6.6.44
linuxlinux_kernel*≥6.7  –  <6.10.3

References 10

  • git.kernel.org https://git.kernel.org/stable/c/13b5f3ee94bdbdc4b5f40582aab62977905aedee
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2df7aac81070987b0f052985856aa325a38debf6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/46d2ef272957879cbe30a884574320e7f7d78692
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/475a5b3b7c8edf6e583a9eb59cf28ea770602e14
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6735d02ead7dd3adf74eb8b70aebd09e0ce78ec9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7e52c62ff029f95005915c0a11863b5fb5185c8c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d6ad202f73f8edba0cbc0065aa57a79ffe8fdcdc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f70ffeca546452d1acd3a70ada56ecb2f3e7f811
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/13b5f3ee94bdbdc4b5f40582aab62977905aedee
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2df7aac81070987b0f052985856aa325a38debf6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/46d2ef272957879cbe30a884574320e7f7d78692
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/475a5b3b7c8edf6e583a9eb59cf28ea770602e14
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6735d02ead7dd3adf74eb8b70aebd09e0ce78ec9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7e52c62ff029f95005915c0a11863b5fb5185c8c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d6ad202f73f8edba0cbc0065aa57a79ffe8fdcdc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f70ffeca546452d1acd3a70ada56ecb2f3e7f811
    Patch