CVE-2024-53201
MEDIUM EPSS 11.4%
Published Dec 27, 20241y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Published Dec 27, 2024 1y ago
Last Modified Jun 17, 2026 1w ago
Description
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipe_ctx->plane_state in dcn20_program_pipe This commit addresses a null pointer dereference issue in dcn20_program_pipe(). Previously, commit 8e4ed3cf1642 ("drm/amd/display: Add null check for pipe_ctx->plane_state in dcn20_program_pipe") partially fixed the null pointer dereference issue. However, in dcn20_update_dchubp_dpp(), the variable pipe_ctx is passed in, and plane_state is accessed again through pipe_ctx. Multiple if statements directly call attributes of plane_state, leading to potential null pointer dereference issues. This patch adds necessary null checks to ensure stability.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
11.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-476 NULL Pointer Dereference Memory Safety
Affected Products 3
References 3
- git.kernel.org https://git.kernel.org/stable/c/3609259326171cd5b98462636580fb2ae5c87d40
- git.kernel.org https://git.kernel.org/stable/c/6a057072ddd127255350357dd880903e8fa23f36
- git.kernel.org https://git.kernel.org/stable/c/6b4ee2560d4d8de2688da68cd9581177035e0876
Remediation
- git.kernel.org https://git.kernel.org/stable/c/3609259326171cd5b98462636580fb2ae5c87d40
- git.kernel.org https://git.kernel.org/stable/c/6a057072ddd127255350357dd880903e8fa23f36
- git.kernel.org https://git.kernel.org/stable/c/6b4ee2560d4d8de2688da68cd9581177035e0876