Re: CVE-2024-42308: drm/amd/display: Check for NULL pointer

From: gregkh@xxxxxxxxxxxxxxxxxxx
Date: Wed Oct 09 2024 - 09:56:49 EST

Next message: Willem de Bruijn: "Re: [PATCH RFC v5 06/10] tun: Introduce virtio-net hash reporting feature"
Previous message: Ulf Hansson: "Re: [PATCH v4 03/11] OPP: Rework _set_required_devs() to manage a single device per call"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Oct 07, 2024 at 11:01:59AM +0000, Siddh Raman Pant wrote:
> On Sat, 17 Aug 2024 11:10:13 +0200, Greg Kroah-Hartman wrote:
> > In the Linux kernel, the following vulnerability has been resolved:
> >
> > drm/amd/display: Check for NULL pointer
> >
> > [why & how]
> > Need to make sure plane_state is initialized
> > before accessing its members.
> >
> > (cherry picked from commit 295d91cbc700651782a60572f83c24861607b648)
> >
> > The Linux kernel CVE team has assigned CVE-2024-42308 to this issue.
>
> This commit is no-op / doesn't make any difference, as there is an
> implicit NULL check rigth above it, as plane_state cannot be NULL
> (checked at the start of function).
>
> So this CVE should be invalid.

Yeah, tricky code, I see why the static tools got this wrong. I'll go
invalidate this now, thanks for the report!

greg k-h

Next message: Willem de Bruijn: "Re: [PATCH RFC v5 06/10] tun: Introduce virtio-net hash reporting feature"
Previous message: Ulf Hansson: "Re: [PATCH v4 03/11] OPP: Rework _set_required_devs() to manage a single device per call"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]