CVE Published: 01/05/2024 |
CVE Updated: 07/11/2024 |
CVE Year: 2024 Source: Linux |
Vendor: Linux |
Product: Linux Status : PUBLISHED
CVE-2024-27040 Description
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Add \'replay\' NULL check in \'edp_set_replay_allow_active()\'
In the first if statement, we\'re checking if \'replay\' is NULL. But in
the second if statement, we\'re not checking if \'replay\' is NULL again
before calling replay->funcs->replay_set_power_opt().
if (replay == NULL && force_static)
return false;
...
if (link->replay_settings.replay_feature_enabled &&
replay->funcs->replay_set_power_opt) {
replay->funcs->replay_set_power_opt(replay, *power_opts, panel_inst);
link->replay_settings.replay_power_opt_active = *power_opts;
}
If \'replay\' is NULL, this will cause a null pointer dereference.
Fixes the below found by smatch:
drivers/gpu/drm/amd/amdgpu/../display/dc/link/protocols/link_edp_panel_control.c:895 edp_set_replay_allow_active() error: we previously assumed \'replay\' could be null (see line 887)