What is the severity of CVE-2024-49913?

CVE-2024-49913 is classified as a moderate severity vulnerability due to the potential for a null pointer dereference in the Linux kernel.

How do I fix CVE-2024-49913?

To remediate CVE-2024-49913, update the Linux kernel to a fixed version, specifically to one greater than 5.10.227, or apply the patches provided in the associated security updates.

Which Linux kernel versions are affected by CVE-2024-49913?

CVE-2024-49913 affects multiple Linux kernel versions, specifically from 5.10.0 up to but not including 5.10.227, 5.11 up to 5.15.168, 5.16 up to 6.1.113, 6.2 up to 6.6.55, 6.7 up to 6.10.14, and 6.11.0 up to 6.11.3.

What is the impact of CVE-2024-49913?

The impact of CVE-2024-49913 is primarily the potential for a denial of service due to a null pointer dereference.

Is there an official patch for CVE-2024-49913?

Yes, there are official patches available for CVE-2024-49913 which are included in the latest updates of the affected Linux kernel versions.

Vulnerability/
CVE-2024-49913

medium

5.5

CWE

476

21/10/2024

19/12/2024

CVE-2024-49913: drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream

First published: Mon Oct 21 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream This commit addresses a null pointer dereference issue in the `commit_planes_for_stream` function at line 4140. The issue could occur when `top_pipe_to_program` is null. The fix adds a check to ensure `top_pipe_to_program` is not null before accessing its stream_res. This prevents a null pointer dereference. Reported by smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/core/dc.c:4140 commit_planes_for_stream() error: we previously assumed 'top_pipe_to_program' could be null (see line 3906)

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
Linux Kernel	<5.10.227
Linux Kernel	>=5.11<5.15.168
Linux Kernel	>=5.16<6.1.113
Linux Kernel	>=6.2<6.6.55
Linux Kernel	>=6.7<6.10.14
Linux Kernel	>=6.11<6.11.3
debian/linux	<=5.10.223-1<=5.10.226-1	6.1.123-1 6.1.128-1 6.12.12-1 6.12.15-1
debian/linux-6.1		6.1.119-1~deb11u1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-49913?
CVE-2024-49913 is classified as a moderate severity vulnerability due to the potential for a null pointer dereference in the Linux kernel.
How do I fix CVE-2024-49913?
To remediate CVE-2024-49913, update the Linux kernel to a fixed version, specifically to one greater than 5.10.227, or apply the patches provided in the associated security updates.
Which Linux kernel versions are affected by CVE-2024-49913?
CVE-2024-49913 affects multiple Linux kernel versions, specifically from 5.10.0 up to but not including 5.10.227, 5.11 up to 5.15.168, 5.16 up to 6.1.113, 6.2 up to 6.6.55, 6.7 up to 6.10.14, and 6.11.0 up to 6.11.3.
What is the impact of CVE-2024-49913?
The impact of CVE-2024-49913 is primarily the potential for a denial of service due to a null pointer dereference.
Is there an official patch for CVE-2024-49913?
Yes, there are official patches available for CVE-2024-49913 which are included in the latest updates of the affected Linux kernel versions.

agent/title
agent/type
agent/first-publish-date
agent/remedy
agent/severity
agent/weakness
agent/author
agent/references
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/trending
collector/usn-cve
source/Ubuntu
collector/nvd-cve
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-api
collector/launchpad-cve
source/Launchpad
agent/source
agent/tags
agent/softwarecombine
agent/description
agent/event
collector/security-tracker-debian
source/Debian
vendor/linux
canonical/linux kernel
version/linux kernel/5.11
version/linux kernel/5.16
version/linux kernel/6.2
version/linux kernel/6.7
version/linux kernel/6.11
package-manager/debian

Frequently Asked Questions

What is the severity of CVE-2024-49913?
CVE-2024-49913 is classified as a moderate severity vulnerability due to the potential for a null pointer dereference in the Linux kernel.
How do I fix CVE-2024-49913?
To remediate CVE-2024-49913, update the Linux kernel to a fixed version, specifically to one greater than 5.10.227, or apply the patches provided in the associated security updates.
Which Linux kernel versions are affected by CVE-2024-49913?
CVE-2024-49913 affects multiple Linux kernel versions, specifically from 5.10.0 up to but not including 5.10.227, 5.11 up to 5.15.168, 5.16 up to 6.1.113, 6.2 up to 6.6.55, 6.7 up to 6.10.14, and 6.11.0 up to 6.11.3.
What is the impact of CVE-2024-49913?
The impact of CVE-2024-49913 is primarily the potential for a denial of service due to a null pointer dereference.
Is there an official patch for CVE-2024-49913?
Yes, there are official patches available for CVE-2024-49913 which are included in the latest updates of the affected Linux kernel versions.

CVE-2024-49913: drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-49913?

How do I fix CVE-2024-49913?

Which Linux kernel versions are affected by CVE-2024-49913?

What is the impact of CVE-2024-49913?

Is there an official patch for CVE-2024-49913?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2024-49913?

How do I fix CVE-2024-49913?

Which Linux kernel versions are affected by CVE-2024-49913?

What is the impact of CVE-2024-49913?

Is there an official patch for CVE-2024-49913?