CVE-2024-43904: Linux Kernel Vulnerability Resolved in drm/amd/display: Adding Null Checks for 'stream' and 'plane'

A recent Linux kernel update resolved a vulnerability that could cause a crash through a null pointer dereference. The issue was found in the drm/amd/display subsystem, and the patch adds null checks for the 'stream' and 'plane' variables in the dcn30_apply_idle_power_optimizations function. This article covers the details of the vulnerability, the code snippet, and the original references.

Exploit Details

The vulnerability was identified in the dcn30_apply_idle_power_optimizations function of the Linux kernel. The function tests 'stream' and 'plane' for null at line 922, which means it treats null as a possible value, but it then uses both variables later without validating them. This could lead to a null pointer dereference, causing a crash.

The proposed fix introduces null checks for the 'stream' and 'plane' variables before they are used, which prevents potential crashes due to null pointer dereferences.

Code Snippet

The following snippet outlines where the null checks for 'stream' and 'plane' were added in the dcn30_apply_idle_power_optimizations function. The line numbers are the ones the smatch warnings refer to.

drivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn30/dcn30_hwseq.c:938 dcn30_apply_idle_power_optimizations()
{
...
  922: if (!stream || !plane) {
...
  }
...
  938: if (stream) {
...
  }
...
  940: if (plane) {
...
  }
...
}

This resolves the issue reported by the smatch static checker warnings:

- drivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn30/dcn30_hwseq.c:938 dcn30_apply_idle_power_optimizations() error: we previously assumed 'stream' could be null (see line 922)
- drivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn30/dcn30_hwseq.c:940 dcn30_apply_idle_power_optimizations() error: we previously assumed 'plane' could be null (see line 922)
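
The pattern behind these warnings, as an added example that is not the kernel's code: struct demo_stream, struct demo_plane and both functions are hypothetical, simplified stand-ins for illustration. The first function has the shape smatch flags, and the second guards each dereference.

```c
#include <stdbool.h>
#include <stddef.h>

/* Hypothetical, simplified stand-ins for this example only; they are not
 * the amdgpu display structures. */
struct demo_stream { bool cursor_enabled; };
struct demo_plane  { int width, height; };

/* "Before" shape: the early test admits NULL is possible, yet execution
 * falls through and both pointers are dereferenced unconditionally. This is
 * what smatch reports as "we previously assumed 'x' could be null".
 * Only defined when both arguments are non-NULL. */
int cache_lines_unchecked(const struct demo_stream *stream,
                          const struct demo_plane *plane)
{
    int lines = 0;

    if (!stream || !plane)
        lines = 1;                    /* NULL acknowledged, but no return */
    if (stream->cursor_enabled)       /* dereference without a guard */
        lines += 2;
    lines += plane->height / 64;      /* dereference without a guard */
    return lines;
}

/* "After" shape: each dereference sits behind its own NULL test, so the
 * NULL case handled by the first branch can never reach a dereference. */
int cache_lines_checked(const struct demo_stream *stream,
                        const struct demo_plane *plane)
{
    int lines = 0;

    if (!stream || !plane)
        lines = 1;
    if (stream && stream->cursor_enabled)
        lines += 2;
    if (plane)
        lines += plane->height / 64;
    return lines;
}
```

Both functions agree whenever the pointers are valid; only the checked form has defined behaviour when either argument is NULL.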

Original References

The fix was introduced in the Linux kernel with this commit: drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing.

You can find the Linux kernel source code repository here: Linux Kernel Source.

Conclusion

The CVE-2024-43904 vulnerability in the Linux kernel has been resolved by adding null checks for 'stream' and 'plane' in the dcn30_apply_idle_power_optimizations function. These checks prevent potential crashes due to null pointer dereferences. If you are using an affected version of the Linux kernel, it is recommended that you update your kernel to include this fix and other recent patches.

Timeline

Published on: 08/26/2024 11:15:04 UTC
Last modified on: 08/27/2024 13:40:50 UTC