CVE-2024-43906 (GCVE-0-2024-43906)

Vulnerability from cvelistv5 – Published: 2024-08-26 10:11 – Updated: 2025-05-04 09:28
VLAI?
Title
drm/admgpu: fix dereferencing null pointer context
Summary
In the Linux kernel, the following vulnerability has been resolved: drm/admgpu: fix dereferencing null pointer context When user space sets an invalid ta type, the pointer context will be empty. So it need to check the pointer context before using it
Severity ?
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 896b7addf2dc24908ad87f8ebeff83b2a83b8e04 , < 641dac64178ccdb9e45c92b67120316896294d05 (git)
Affected: 896b7addf2dc24908ad87f8ebeff83b2a83b8e04 , < 4fd52f7c2c11d330571c6bde06e5ea508ec25c9d (git)
Affected: 896b7addf2dc24908ad87f8ebeff83b2a83b8e04 , < 030ffd4d43b433bc6671d9ec34fc12c59220b95d (git)
Create a notification for this product.
    Linux Linux Affected: 6.2
Unaffected: 0 , < 6.2 (semver)
Unaffected: 6.6.46 , ≤ 6.6.* (semver)
Unaffected: 6.10.5 , ≤ 6.10.* (semver)
Unaffected: 6.11 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-43906",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:28:33.538030Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-12T17:33:07.630Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdgpu/amdgpu_psp_ta.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "641dac64178ccdb9e45c92b67120316896294d05",
              "status": "affected",
              "version": "896b7addf2dc24908ad87f8ebeff83b2a83b8e04",
              "versionType": "git"
            },
            {
              "lessThan": "4fd52f7c2c11d330571c6bde06e5ea508ec25c9d",
              "status": "affected",
              "version": "896b7addf2dc24908ad87f8ebeff83b2a83b8e04",
              "versionType": "git"
            },
            {
              "lessThan": "030ffd4d43b433bc6671d9ec34fc12c59220b95d",
              "status": "affected",
              "version": "896b7addf2dc24908ad87f8ebeff83b2a83b8e04",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdgpu/amdgpu_psp_ta.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.2"
            },
            {
              "lessThan": "6.2",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.46",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.10.*",
              "status": "unaffected",
              "version": "6.10.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.11",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.46",
                  "versionStartIncluding": "6.2",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.10.5",
                  "versionStartIncluding": "6.2",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.11",
                  "versionStartIncluding": "6.2",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/admgpu: fix dereferencing null pointer context\n\nWhen user space sets an invalid ta type, the pointer context will be empty.\nSo it need to check the pointer context before using it"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T09:28:57.171Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/641dac64178ccdb9e45c92b67120316896294d05"
        },
        {
          "url": "https://git.kernel.org/stable/c/4fd52f7c2c11d330571c6bde06e5ea508ec25c9d"
        },
        {
          "url": "https://git.kernel.org/stable/c/030ffd4d43b433bc6671d9ec34fc12c59220b95d"
        }
      ],
      "title": "drm/admgpu: fix dereferencing null pointer context",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-43906",
    "datePublished": "2024-08-26T10:11:08.159Z",
    "dateReserved": "2024-08-17T09:11:59.293Z",
    "dateUpdated": "2025-05-04T09:28:57.171Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.6.46\", \"matchCriteriaId\": \"84C35A98-08C9-4674-8AC8-9CC0757B7699\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.7\", \"versionEndExcluding\": \"6.10.5\", \"matchCriteriaId\": \"D074AE50-4A5E-499C-A2FD-75FD60DEA560\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\ndrm/admgpu: fix dereferencing null pointer context\\n\\nWhen user space sets an invalid ta type, the pointer context will be empty.\\nSo it need to check the pointer context before using it\"}, {\"lang\": \"es\", \"value\": \"En el kernel de Linux, se resolvi\\u00f3 la siguiente vulnerabilidad: drm/admgpu: corrige la desreferenciaci\\u00f3n del contexto del puntero nulo Cuando el espacio de usuario establece un tipo ta no v\\u00e1lido, el contexto del puntero estar\\u00e1 vac\\u00edo. Por lo tanto, es necesario verificar el contexto del puntero antes de usarlo.\"}]",
      "id": "CVE-2024-43906",
      "lastModified": "2024-08-27T13:41:30.093",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}]}",
      "published": "2024-08-26T11:15:04.947",
      "references": "[{\"url\": \"https://git.kernel.org/stable/c/030ffd4d43b433bc6671d9ec34fc12c59220b95d\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/4fd52f7c2c11d330571c6bde06e5ea508ec25c9d\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/641dac64178ccdb9e45c92b67120316896294d05\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}]",
      "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "vulnStatus": "Analyzed",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-476\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-43906\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-08-26T11:15:04.947\",\"lastModified\":\"2024-08-27T13:41:30.093\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ndrm/admgpu: fix dereferencing null pointer context\\n\\nWhen user space sets an invalid ta type, the pointer context will be empty.\\nSo it need to check the pointer context before using it\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: drm/admgpu: corrige la desreferenciaci\u00f3n del contexto del puntero nulo Cuando el espacio de usuario establece un tipo ta no v\u00e1lido, el contexto del puntero estar\u00e1 vac\u00edo. Por lo tanto, es necesario verificar el contexto del puntero antes de usarlo.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.6.46\",\"matchCriteriaId\":\"84C35A98-08C9-4674-8AC8-9CC0757B7699\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.10.5\",\"matchCriteriaId\":\"D074AE50-4A5E-499C-A2FD-75FD60DEA560\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/030ffd4d43b433bc6671d9ec34fc12c59220b95d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/4fd52f7c2c11d330571c6bde06e5ea508ec25c9d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/641dac64178ccdb9e45c92b67120316896294d05\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-43906\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-10T15:28:33.538030Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-11T12:42:15.001Z\"}}], \"cna\": {\"title\": \"drm/admgpu: fix dereferencing null pointer context\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"896b7addf2dc24908ad87f8ebeff83b2a83b8e04\", \"lessThan\": \"641dac64178ccdb9e45c92b67120316896294d05\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"896b7addf2dc24908ad87f8ebeff83b2a83b8e04\", \"lessThan\": \"4fd52f7c2c11d330571c6bde06e5ea508ec25c9d\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"896b7addf2dc24908ad87f8ebeff83b2a83b8e04\", \"lessThan\": \"030ffd4d43b433bc6671d9ec34fc12c59220b95d\", \"versionType\": \"git\"}], \"programFiles\": [\"drivers/gpu/drm/amd/amdgpu/amdgpu_psp_ta.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.2\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"6.2\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"6.6.46\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.10.5\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.10.*\"}, {\"status\": \"unaffected\", \"version\": \"6.11\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"drivers/gpu/drm/amd/amdgpu/amdgpu_psp_ta.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/641dac64178ccdb9e45c92b67120316896294d05\"}, {\"url\": \"https://git.kernel.org/stable/c/4fd52f7c2c11d330571c6bde06e5ea508ec25c9d\"}, {\"url\": \"https://git.kernel.org/stable/c/030ffd4d43b433bc6671d9ec34fc12c59220b95d\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\ndrm/admgpu: fix dereferencing null pointer context\\n\\nWhen user space sets an invalid ta type, the pointer context will be empty.\\nSo it need to check the pointer context before using it\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.6.46\", \"versionStartIncluding\": \"6.2\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.10.5\", \"versionStartIncluding\": \"6.2\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.11\", \"versionStartIncluding\": \"6.2\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-05-04T09:28:57.171Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-43906\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-04T09:28:57.171Z\", \"dateReserved\": \"2024-08-17T09:11:59.293Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-08-26T10:11:08.159Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}