A crucial vulnerability, identified as CVE-2024-53050, has been discovered and addressed in the Linux kernel. It is located in the i915 driver of the DRM (Direct Rendering Manager) subsystem, which handles graphics processing unit (GPU) devices from Intel. Specifically, the vulnerability lies in the intel_hdcp2_get_capability function, an integral part of the driver's High-bandwidth Digital Content Protection (HDCP) feature.

The vulnerability can potentially cause system instability or denial of service (DoS) in Linux-based systems that use Intel's i915 DRM driver. An attacker can exploit it by forcing the kernel to attempt an operation that triggers a null pointer error, which makes the system crash or hang. In response, the developers have added an encoder check to the intel_hdcp2_get_capability function to address the vulnerability and improve system stability.

The patch that brings the fix for this vulnerability can be found here:

Patch Link

Here's a quick code snippet of the fix:

/**
 * intel_hdcp2_get_capability - Check and set hdcp2 capability
 * @connector: DRM connector
 *
 * Return
 * 	True if hdcp2 is capable, False otherwise
 */
bool intel_hdcp2_get_capability(struct intel_connector *connector)
{
	struct intel_digital_port *dig_port;
	struct intel_encoder *encoder;
	struct hdcp2_hdmi_msg data;
	int ret;

	encoder = connector->encoder;
	if (!encoder) {
		drm_dbg_kms(&connector->base.dev->drm,
			    "HDCP2.2: No encoder, not capable\n");
		return false;
	}
	/* ... */
}

This code snippet demonstrates the addition of an encoder check (if (!encoder)) in the intel_hdcp2_get_capability function to mitigate the null pointer error. The check confirms that connector->encoder is a valid encoder object before the function proceeds. When no encoder is attached, the function logs "HDCP2.2: No encoder, not capable" at debug level and returns false, averting the risk of a crash caused by the vulnerability.
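A log triage check a defender could run over saved kernel logs, added here as an example that is not part of the original page or of the kernel patch. It flags NULL pointer dereference oopses whose faulting RIP is in intel_hdcp2_get_capability (the unpatched behaviour) and counts the debug line emitted by the fix. Assumptions: the standard x86 oops layout, a constructed sample log with a hypothetical second function name, and DRM KMS debug logging being enabled for the debug line to appear at all.

```python
import re

TARGET = "intel_hdcp2_get_capability"            # function named on this page
GUARD_MSG = "HDCP2.2: No encoder, not capable"   # debug text added by the fix

NULL_DEREF = re.compile(r"BUG: kernel NULL pointer dereference")
# Faulting-instruction line of an x86 oops: "RIP: 0010:func+0xoff/0xsize [mod]"
RIP = re.compile(r"RIP: [0-9a-f]{4}:(?P<func>[\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+")
END_TRACE = re.compile(r"---\[ end trace")


def triage(lines):
    """Return line numbers of NULL-deref oopses faulting in TARGET, plus the
    number of times the patched guard path logged its debug message."""
    crashes, guard_hits = [], 0
    oops_start = None  # line number of the banner of the oops being read
    for no, line in enumerate(lines, 1):
        if GUARD_MSG in line:
            guard_hits += 1
        if NULL_DEREF.search(line):
            oops_start = no
        elif oops_start is not None:
            m = RIP.search(line)
            if m:
                # Only the first RIP after the banner is the faulting code;
                # TARGET appearing deeper in a call trace is not a match.
                if m.group("func") == TARGET:
                    crashes.append(oops_start)
                oops_start = None
            elif END_TRACE.search(line):
                oops_start = None
    return {"crashes": crashes, "guard_hits": guard_hits}


# Constructed sample log: addresses, offsets and timestamps are made up, and
# some_other_function is a hypothetical name.
SAMPLE_LOG = """\
[  101.000001] BUG: kernel NULL pointer dereference, address: 0000000000000000
[  101.000002] #PF: supervisor read access in kernel mode
[  101.000003] RIP: 0010:intel_hdcp2_get_capability+0x1a/0x90 [i915]
[  101.000004] Call Trace:
[  101.000005] ---[ end trace 0000000000000000 ]---
[  202.000001] BUG: kernel NULL pointer dereference, address: 0000000000000010
[  202.000002] RIP: 0010:some_other_function+0x4/0x20
[  202.000003]  ? intel_hdcp2_get_capability+0x30/0x90 [i915]
[  202.000004] ---[ end trace 0000000000000000 ]---
[  303.000001] i915 0000:00:02.0: [drm:intel_hdcp2_get_capability [i915]] HDCP2.2: No encoder, not capable
""".splitlines()

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

A non-empty "crashes" list points to a kernel that still lacks the encoder check; "guard_hits" above zero means the patched path ran and returned false instead of crashing.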

This vulnerability was initially reported by Yilun Jiang from Alibaba Incubator. You can find more details and the full disclosure of the vulnerability in the original message posted to the Linux Kernel Mailing List (LKML) here:
Original LKML Message

For an in-depth understanding of how the encoder check is added and other modifications done in the patch, you can read the full patch series here:
Patch Series

To ensure the safety and stability of your Linux-based systems, it is crucial to apply the patch that delivers the fix for CVE-2024-53050. By addressing this vulnerability, you'll minimize the risk of system crashes or instability resulting from a null pointer error exploited by an attacker.

For more information on CVE-2024-53050 and other related vulnerabilities, please refer to the following resources:

1. National Vulnerability Database (NVD)
2. Common Vulnerabilities and Exposures (CVE)
3. Linux Kernel Mailing List (LKML)
4. Alibaba Incubator

Timeline

Published on: 11/19/2024 18:15:25 UTC
Last modified on: 11/20/2024 16:17:12 UTC