CVE-2024-49972

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-49972

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

I

n the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Deallocate DML memory if allocation fails [Why] When DC state create DML memory allocation fails, memory is not deallocated subsequently, resulting in uninitialized structure that is not NULL. [How] Deallocate memory if DML memory allocation fails.

References
Link Resource
https://git.kernel.org/stable/c/80345daa5746184195f2d383a2f1bad058f0f94c Patch
https://git.kernel.org/stable/c/892abca6877a96c9123bb1c010cafccdf8ca1b75 Patch
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
History

01 Nov 2024, 20:18

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5
CWE NVD-CWE-noinfo
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
First Time Linux
Linux linux Kernel
References () https://git.kernel.org/stable/c/80345daa5746184195f2d383a2f1bad058f0f94c - () https://git.kernel.org/stable/c/80345daa5746184195f2d383a2f1bad058f0f94c - Patch
References () https://git.kernel.org/stable/c/892abca6877a96c9123bb1c010cafccdf8ca1b75 - () https://git.kernel.org/stable/c/892abca6877a96c9123bb1c010cafccdf8ca1b75 - Patch

23 Oct 2024, 15:13

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: Desasignar memoria DML si falla la asignación [Por qué] Cuando falla la asignación de memoria DML al crear un estado de DC, la memoria no se desasigna posteriormente, lo que da como resultado una estructura no inicializada que no es NULL. [Cómo] Desasignar memoria si falla la asignación de memoria DML.

21 Oct 2024, 18:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-10-21 18:15

Updated : 2024-11-01 20:18

NVD link : CVE-2024-49972

Mitre link : CVE-2024-49972

CVE.ORG link : CVE-2024-49972

JSON object : View

Products Affected

linux

CWE
NVD-CWE-noinfo