logo_clicknbuy.png

CVE-2024-57798 – Linux Kernel: intel drm_dp_mst Use After Free Vuln

The following table lists the changes that have been made to the
CVE-2024-57798 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution
of a vulnerability, and for identifying the most recent changes that may
impact the vulnerability’s severity, exploitability, or other characteristics.

  • New CVE Received
    by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Jan. 11, 2025

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved:

    drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req()

    While receiving an MST up request message from one thread in
    drm_dp_mst_handle_up_req(), the MST topology could be removed from
    another thread via drm_dp_mst_topology_mgr_set_mst(false), freeing
    mst_primary and setting drm_dp_mst_topology_mgr::mst_primary to NULL.
    This could lead to a NULL deref/use-after-free of mst_primary in
    drm_dp_mst_handle_up_req().

    Avoid the above by holding a reference for mst_primary in
    drm_dp_mst_handle_up_req() while it’s used.

    v2: Fix kfreeing the request if getting an mst_primary reference fails.
    Added Reference https://git.kernel.org/stable/c/9735d40f5fde9970aa46e828ecc85c32571d58a2
    Added Reference https://git.kernel.org/stable/c/ce55818b2d3a999f886af91679589e4644ff1dc8
    Added Reference https://git.kernel.org/stable/c/e54b00086f7473dbda1a7d6fc47720ced157c6a8
    Added Reference https://git.kernel.org/stable/c/f61b2e5e7821f868d6afc22382a66a30ee780ba0
Share the Post:

Related Posts