CVE-2024-49908

Published: Oct 21, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for 'afb' in amdgpu_dm_update_cursor (v2) This commit adds a null check for the 'afb' variable in the amdgpu_dm_update_cursor function. Previously, 'afb' was assumed to be null at line 8388, but was used later in the code without a null check. This could potentially lead to a null pointer dereference. Changes since v1: - Moved the null check for 'afb' to the line where 'afb' is used. (Alex) Fixes the below: drivers/gpu/drm/amd/amdgpu/../display/amdgpu_dm/amdgpu_dm.c:8433 amdgpu_dm_update_cursor() error: we previously assumed 'afb' could be null (see line 8388)

Vendor	Product	Versions
Linux	Linux	affected `4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c - < a742168b6a39ead257da53bcbe472384d6e14a1b` affected `4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c - < 0fe20258b4989b9112b5e9470df33a0939403fd4`
Linux	Linux	affected `4.15` unaffected `0 - < 4.15` unaffected `6.11.3 - <= 6.11.` unaffected `6.12 - <= `

References

https://git.kernel.org/stable/c/a742168b6a39ead257da53bcbe472384d6e14a1b

https://git.kernel.org/stable/c/0fe20258b4989b9112b5e9470df33a0939403fd4

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-49908

Description

Affected Products

References