CVE-2024-53056

Published: Nov 19, 2024

Modified: May 23, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() In mtk_crtc_create(), if the call to mbox_request_channel() fails then we set the "mtk_crtc->cmdq_client.chan" pointer to NULL. In that situation, we do not call cmdq_pkt_create(). During the cleanup, we need to check if the "mtk_crtc->cmdq_client.chan" is NULL first before calling cmdq_pkt_destroy(). Calling cmdq_pkt_destroy() is unnecessary if we didn't call cmdq_pkt_create() and it will result in a NULL pointer dereference.

Vendor	Product	Versions
Linux	Linux	affected `7627122fd1c06800a1fe624e9fb3c269796115e8 - < c60583a87cb4a85b69d1f448f0be5eb6ec62cbb2` affected `7627122fd1c06800a1fe624e9fb3c269796115e8 - < 4018651ba5c409034149f297d3dd3328b91561fd` affected `2c4396693698e876e559768d3d3a150c672ec384` affected `5.15.54 - < 5.16`
Linux	Linux	affected `5.17` unaffected `0 - < 5.17` unaffected `6.11.7 - <= 6.11.` unaffected `6.12 - <= `

References

https://git.kernel.org/stable/c/c60583a87cb4a85b69d1f448f0be5eb6ec62cbb2

https://git.kernel.org/stable/c/4018651ba5c409034149f297d3dd3328b91561fd

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-53056

Description

Affected Products

References