medium
5.5
CWE
476
Advisory Published
Updated

CVE-2024-26729: drm/amd/display: Fix potential null pointer dereference in dc_dmub_srv

First published: Wed Apr 03 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential null pointer dereference in dc_dmub_srv Fixes potential null pointer dereference warnings in the dc_dmub_srv_cmd_list_queue_execute() and dc_dmub_srv_is_hw_pwr_up() functions. In both functions, the 'dc_dmub_srv' variable was being dereferenced before it was checked for null. This could lead to a null pointer dereference if 'dc_dmub_srv' is null. The fix is to check if 'dc_dmub_srv' is null before dereferencing it. Thus moving the null checks for 'dc_dmub_srv' to the beginning of the functions to ensure that 'dc_dmub_srv' is not null when it is dereferenced. Found by smatch & thus fixing the below: drivers/gpu/drm/amd/amdgpu/../display/dc/dc_dmub_srv.c:133 dc_dmub_srv_cmd_list_queue_execute() warn: variable dereferenced before check 'dc_dmub_srv' (see line 128) drivers/gpu/drm/amd/amdgpu/../display/dc/dc_dmub_srv.c:1167 dc_dmub_srv_is_hw_pwr_up() warn: variable dereferenced before check 'dc_dmub_srv' (see line 1164)

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
Linux kernel>=6.7<6.7.7
Linux kernel=6.8-rc1
Linux kernel=6.8-rc2
Linux kernel=6.8-rc3
Linux kernel=6.8-rc4
Linux kernel=6.8-rc5

Remedy

https://git.kernel.org/stable/c/351080ba3414c96afff0f1338b4aeb2983195b80

Remedy

https://git.kernel.org/stable/c/d2b48f340d9e4a8fbeb1cdc84cd8da6ad143a907

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-26729?

    CVE-2024-26729 has been classified with a critical severity due to the potential impact of null pointer dereferences in the Linux kernel.

  • What software versions are affected by CVE-2024-26729?

    CVE-2024-26729 affects Linux kernel versions from 6.7 to 6.8-rc5.

  • What causes the vulnerability in CVE-2024-26729?

    CVE-2024-26729 is caused by potential null pointer dereference warnings in specific display functions of the AMD display driver.

  • How do I fix CVE-2024-26729?

    To fix CVE-2024-26729, you should update your Linux kernel to the latest available patched version.

  • Is there a workaround for CVE-2024-26729?

    There are no recommended workarounds for CVE-2024-26729; the best mitigation is to apply the security update.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203