cve-2024-56775
Vulnerability from cvelistv5
Published
2025-01-08 17:49
Modified
2025-01-08 17:49
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix handling of plane refcount [Why] The mechanism to backup and restore plane states doesn't maintain refcount, which can cause issues if the refcount of the plane changes in between backup and restore operations, such as memory leaks if the refcount was supposed to go down, or double frees / invalid memory accesses if the refcount was supposed to go up. [How] Cache and re-apply current refcount when restoring plane states.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/27227a234c1487cb7a684615f0749c455218833aPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/8cb2f6793845f135b28361ba8e96901cae3e5790Patch
Impacted products
Vendor Product Version
Linux Linux
Show details on NVD website

To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/display/dc/core/dc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "8cb2f6793845f135b28361ba8e96901cae3e5790",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "27227a234c1487cb7a684615f0749c455218833a",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/display/dc/core/dc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.13-rc1",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix handling of plane refcount\n\n[Why]\nThe mechanism to backup and restore plane states doesn\u0027t maintain\nrefcount, which can cause issues if the refcount of the plane changes\nin between backup and restore operations, such as memory leaks if the\nrefcount was supposed to go down, or double frees / invalid memory\naccesses if the refcount was supposed to go up.\n\n[How]\nCache and re-apply current refcount when restoring plane states."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-08T17:49:13.907Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/8cb2f6793845f135b28361ba8e96901cae3e5790"
        },
        {
          "url": "https://git.kernel.org/stable/c/27227a234c1487cb7a684615f0749c455218833a"
        }
      ],
      "title": "drm/amd/display: Fix handling of plane refcount",
      "x_generator": {
        "engine": "bippy-5f407fcff5a0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-56775",
    "datePublished": "2025-01-08T17:49:13.907Z",
    "dateReserved": "2024-12-29T11:26:39.766Z",
    "dateUpdated": "2025-01-08T17:49:13.907Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-56775\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-01-08T18:15:18.333\",\"lastModified\":\"2025-01-09T21:37:14.590\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ndrm/amd/display: Fix handling of plane refcount\\n\\n[Why]\\nThe mechanism to backup and restore plane states doesn\u0027t maintain\\nrefcount, which can cause issues if the refcount of the plane changes\\nin between backup and restore operations, such as memory leaks if the\\nrefcount was supposed to go down, or double frees / invalid memory\\naccesses if the refcount was supposed to go up.\\n\\n[How]\\nCache and re-apply current refcount when restoring plane states.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: Corregir la gesti\u00f3n del recuento de referencias del plano [Por qu\u00e9] El mecanismo para realizar copias de seguridad y restaurar estados del plano no mantiene el recuento de referencias, lo que puede causar problemas si el recuento de referencias del plano cambia entre las operaciones de copia de seguridad y restauraci\u00f3n, como fugas de memoria si se supon\u00eda que el recuento de referencias bajar\u00eda, o liberaciones dobles / accesos a memoria no v\u00e1lidos si se supon\u00eda que el recuento de referencias aumentar\u00eda. [C\u00f3mo] Almacenar en cach\u00e9 y volver a aplicar el recuento de referencias actual al restaurar estados del plano.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-401\"},{\"lang\":\"en\",\"value\":\"CWE-415\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.12.4\",\"matchCriteriaId\":\"E8020715-FB14-459D-9D51-9A47297525D4\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/27227a234c1487cb7a684615f0749c455218833a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8cb2f6793845f135b28361ba8e96901cae3e5790\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.