CVE-2024-38390

Published: Jun 21, 2024

Modified: May 23, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails Calling a6xx_destroy() before adreno_gpu_init() leads to a null pointer dereference on: msm_gpu_cleanup() : platform_set_drvdata(gpu->pdev, NULL); as gpu->pdev is only assigned in: a6xx_gpu_init() |_ adreno_gpu_init |_ msm_gpu_init() Instead of relying on handwavy null checks down the cleanup chain, explicitly de-allocate the LLC data and free a6xx_gpu instead. Patchwork: https://patchwork.freedesktop.org/patch/588919/

Vendor	Product	Versions
Linux	Linux	affected `76efc2453d0e8e5d6692ef69981b183ad674edea - < 247849eeb3fd88f8990ed73e33af70d5c10f9aec` affected `76efc2453d0e8e5d6692ef69981b183ad674edea - < a1955a6df91355fef72a3a254700acd3cc1fec0d` affected `76efc2453d0e8e5d6692ef69981b183ad674edea - < 617e3d1680504a3f9d88e1582892c68be155498f` affected `76efc2453d0e8e5d6692ef69981b183ad674edea - < 46d4efcccc688cbacdd70a238bedca510acaa8e4` affected `5fea4202b5faccfc6449381a299e8ce4b994d666` +1 more versions
Linux	Linux	affected `6.1` unaffected `0 - < 6.1` unaffected `6.1.93 - <= 6.1.` unaffected `6.6.33 - <= 6.6.` unaffected `6.9.4 - <= 6.9.*` +1 more versions

References

https://git.kernel.org/stable/c/247849eeb3fd88f8990ed73e33af70d5c10f9aec

https://git.kernel.org/stable/c/a1955a6df91355fef72a3a254700acd3cc1fec0d

https://git.kernel.org/stable/c/617e3d1680504a3f9d88e1582892c68be155498f

https://git.kernel.org/stable/c/46d4efcccc688cbacdd70a238bedca510acaa8e4

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-38390

Description

Affected Products

References