From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BDE2271749 for ; Tue, 26 Mar 2024 17:50:23 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711475423; cv=none; b=W1TxXWNNnl47BHF5Z+hspEcizwtoPZ0jQWtOISBQ2TDmJicJYANHIa0h6uJAeIHNZVWOETvCEn0QnXzUy7sjC68yolvxJiEIbDspolKir22GFjUBXEtvQJjzXY47Zw3ra8A8xg4TuFZ9GkD5e8Suy0AP9dHo6DG7msjOxHkgFUI= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711475423; c=relaxed/simple; bh=Y+NF9qNwkMiyufF4h9XJ2F7yhL+Bg6/qMAz8C2cFXAA=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=lUu1ev1tyIiBz+UTGo/sOiD6YnE6CH0BHV6xkfWwu+gOQZwVZD6MVosEbDThyVIIHlNET3trQHInUYzbJW/m+7/K7KsajhuQrzkQI3MoTyOImbUBzty0LoaNSVx/oySqeWo6CIKJpQ5bMemDPXLNEJGZ/2jEUk9o5MAWgV1TgbU= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=W9gKi9Ug; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="W9gKi9Ug" Received: by smtp.kernel.org (Postfix) with ESMTPSA id EB135C433F1; Tue, 26 Mar 2024 17:50:22 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1711475423; bh=Y+NF9qNwkMiyufF4h9XJ2F7yhL+Bg6/qMAz8C2cFXAA=; h=From:To:Cc:Subject:Date:Reply-to:From; b=W9gKi9UgmAz7dWDU4HAXrCmGUfKsi9HTtJSrMU9p7CsC3PdZ4u7dzfISczrOv/mZ4 b9km0maJiRkW/dHQyhOm9kh5/vlzsYYLyXVfBvAJimCK8XolG6/hliDOoyIB7mVAMn InfUtRwVsYLQfMAXU6S76GF8R5JK8uVa7QdixXg+kg4l2CKl+MXi68HTmOTQUg22M8 lk2kzGfKlHeI013tuLuVzva/Fcu0D0ujLZaKbaWQB0IDqHL3fcuMDueUr4j0NCMiT/ Z7+Czu9KkJxagWBWEkXufzIrTqPcjiAJYJ3sBCvYJG3IpnxEZ0dPmXtufpI+bd9R2B bSCx8+PclmuFQ== From: Lee Jones To: linux-cve-announce@vger.kernel.org Cc: Lee Jones Subject: CVE-2024-26648: drm/amd/display: Fix variable deferencing before NULL check in edp_setup_replay() Date: Tue, 26 Mar 2024 17:50:14 +0000 Message-ID: <20240326175007.1388794-16-lee@kernel.org> X-Mailer: git-send-email 2.44.0.396.g6e790dbe36-goog Precedence: bulk X-Mailing-List: linux-cve-announce@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Reply-to: , X-Developer-Signature: v=1; a=openpgp-sha256; l=2055; i=lee@kernel.org; h=from:subject; bh=Y+NF9qNwkMiyufF4h9XJ2F7yhL+Bg6/qMAz8C2cFXAA=; b=owEBbQKS/ZANAwAKAVGvii+H/HdhAcsmYgBmAwrQbkO5VYgsPihLyoQeDDFa6YJ8/p7AFdLrk wLc7weDdJqJAjMEAAEKAB0WIQR2tsk1o74gmpTwh0hRr4ovh/x3YQUCZgMK0AAKCRBRr4ovh/x3 YZEtD/9lsqRpNlh0QYqP5HEjg70JbWreQCzL43ZbjYHx706zc5IfDh+CAlz3PM6npFB4ZxaxnJ+ zPjxeErZB3rdbjSV5qqAgE1Jrg4g4w6b6nSpjFrUvV3SBm/mtL2XRZkTjWAdWvJKpHbBLutch6W tKCdWqcYF/Ipt0x4isZkwnOn6+E5cmOU3o14g/CflXRmIYmwYZOwuE8eXM9o4hYTUWeg2aszqKm RZ0NCEa+VAUukgbWINubBEBv/W23/tMT4poiIESROIVXT4ahR3lwKYkImpExdXKYQgaY/KChbUg KnzPz3xuR3dyknH6q3dHnP8tJH39Ij/xbxbZzWrBRjSD1C3wIuLVUwzL89mjaueCmvzQqkLj0rm zQVZkewOJ5qtZfSb2WRPNPDlIbu39lzNiS3yx6Z/PHLn0FPM8P30mPHjzj2Dd+knUEWLooTZI7L qFBNaMxAjEBYyyPLYyuv6CR4d2MGDA7TiTwP1D+ARinSPTzZgQC0DRrnJL/KZeFjXs1BKPfkQiZ AGEY1p5AcqBDl0EBIEhwHnJ/7Jw5ZTyOJm4tLjxQIrK9bProGW92Yzmja0bclfqjX8JuhVWEE9n xcTLZVmIYvw28pHaLttuYBeMCW2pY2uq0jjYX72FHWlKf0s6BWIyHoY/OMawOGW+xtr869tUsv5 /WUk/cbdY3D0AZA== X-Developer-Key: i=lee@kernel.org; a=openpgp; fpr=76B6C935A3BE209A94F0874851AF8A2F87FC7761 Content-Transfer-Encoding: 8bit Description =========== In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix variable deferencing before NULL check in edp_setup_replay() In edp_setup_replay(), 'struct dc *dc' & 'struct dmub_replay *replay' was dereferenced before the pointer 'link' & 'replay' NULL check. Fixes the below: drivers/gpu/drm/amd/amdgpu/../display/dc/link/protocols/link_edp_panel_control.c:947 edp_setup_replay() warn: variable dereferenced before check 'link' (see line 933) The Linux kernel CVE team has assigned CVE-2024-26648 to this issue. Affected and fixed versions =========================== Fixed in 6.6.15 with commit 22ae604aea14 Fixed in 6.7.3 with commit c02d257c6541 Fixed in 6.8 with commit 7073934f5d73 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2024-26648 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/gpu/drm/amd/display/dc/link/protocols/link_edp_panel_control.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/22ae604aea14756954e1c00ae653e34d2afd2935 https://git.kernel.org/stable/c/c02d257c654191ecda1dc1af6875d527e85310e7 https://git.kernel.org/stable/c/7073934f5d73f8b53308963cee36f0d389ea857c