CVE-2024-36897

CVSS v3.1 5.5 (Medium)

EPSS 0.04 % (5^th)

Affected Products 1

Advisories 15

NVD Status Modified

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Atom Integrated System Info v2_2 for DCN35

New request from KMD/VBIOS in order to support new UMA carveout
model. This fixes a null dereference from accessing
Ctx->dc_bios->integrated_info while it was NULL.

DAL parses through the BIOS and extracts the necessary
integrated_info but was missing a case for the new BIOS
version 2.3.

Weaknesses

CWE-476: NULL Pointer Dereference

CVE Status: PUBLISHED
NVD Status: Modified
CNA: kernel.org
Published Date: 2024-05-30 16:15:13
(3 months ago)
Updated Date: 2024-07-03 02:03:45
(2 months ago)

Affected Products

Linux

Linux Kernel

Configuration #1

	CPE23	From	Up To
Linux Kernel prior 5.15.159 version	cpe:2.3:o:linux:linux_kernel		< 5.15.159
Linux Kernel from 5.16 version and prior 6.1.91 version	cpe:2.3:o:linux:linux_kernel	>= 5.16	< 6.1.91
Linux Kernel from 6.2 version and prior 6.6.31 version	cpe:2.3:o:linux:linux_kernel	>= 6.2	< 6.6.31
Linux Kernel from 6.7 version and prior 6.8.10 version	cpe:2.3:o:linux:linux_kernel	>= 6.7	< 6.8.10