[SRU][J][PATCH 0/2] CVE-2024-26662
Yo-Jung (Leo) Lin
leo.lin at canonical.com
Thu Dec 19 07:56:51 UTC 2024
[Impact]
drm/amd/display: Fix 'panel_cntl' could be null in 'dcn21_set_backlight_level()'
In dcn21_set_backlight_level(), pipe_ctx->stream_res.tg->inst was
dereferenced without checking if stream_res.tg could be NULL, making
it a potential null pointer dereference issue.
Despite being labeled as the fix, the e96fddb commit DIDN'T fix the CVE
correctly. Another follow-up patch (drm/amd/display: Fix && vs || typos)
(17ba9cde11c2) should be applied altogether to fully mitigate this CVE.
[Fix]
Noble: not affected
Jammy: Backported - context conflict with neighboring line
Focal: not affected
Bionic: not affected
Xenial: not affected
Trusty: not affected
[Test Case]
Compile and boot tested.
[Where problems could occur]
If those 2 patches don't get applied altogether, then the issue will
remain.
Dan Carpenter (1):
drm/amd/display: Fix && vs || typos
Srinivasan Shanmugam (1):
drm/amd/display: Fix 'panel_cntl' could be null in
'dcn21_set_backlight_level()'
drivers/gpu/drm/amd/display/dc/dcn21/dcn21_hwseq.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
--
2.43.0
More information about the kernel-team
mailing list