exploitDog

GHSA-c6h3-g88w-qcm8

Published: 01 May 2024
Source: github
Github: Not reviewed
CVSS3: 5.5

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/vmwgfx: Fix possible null pointer derefence with invalid contexts

vmw_context_cotable can return either an error or a null pointer and its usage sometimes went unchecked. Subsequent code would then try to access either a null pointer or an error value.

The invalid dereferences were only possible with malformed userspace apps which never properly initialized the rendering contexts.

Check the results of vmw_context_cotable to fix the invalid derefs.

Thanks: ziming zhang(@ezrak1e) from Ant Group Light-Year Security Lab who was the first person to discover it. Niels De Graef who reported it and helped to track down the poc.
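
The failure mode described above, as an added example that is not the kernel's or the vmwgfx driver's code: a userspace model of the kernel error-pointer convention, showing why a lookup that can return a valid pointer, NULL, or an encoded error needs both checks before any dereference. `lookup_cotable`, `use_cotable`, the `ctx_state` values and the choice to map NULL to `-EINVAL` are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Userspace model of the kernel convention: the top MAX_ERRNO addresses
 * encode a negative errno instead of pointing at an object. */
#define MAX_ERRNO 4095
static inline void *ERR_PTR(long err) { return (void *)err; }
static inline long PTR_ERR(const void *p) { return (long)p; }
static inline int IS_ERR(const void *p) { return (uintptr_t)p >= (uintptr_t)-MAX_ERRNO; }
static inline int IS_ERR_OR_NULL(const void *p) { return !p || IS_ERR(p); }

struct cotable { int id; };                      /* hypothetical stand-in resource */
enum ctx_state { CTX_READY, CTX_UNINIT, CTX_BAD_TYPE };   /* constructed states */
static struct cotable demo_table = { 7 };

/* Hypothetical lookup with the three outcomes the advisory names:
 * a valid pointer, a NULL pointer, or an error value. */
static struct cotable *lookup_cotable(enum ctx_state s)
{
    switch (s) {
    case CTX_READY:  return &demo_table;
    case CTX_UNINIT: return NULL;
    default:         return ERR_PTR(-EINVAL);
    }
}

/* Caller that rejects both failure forms before touching the object. */
static int use_cotable(enum ctx_state s, int *id_out)
{
    struct cotable *t = lookup_cotable(s);

    if (IS_ERR_OR_NULL(t))
        return t ? (int)PTR_ERR(t) : -EINVAL;   /* NULL -> -EINVAL is this example's choice */
    *id_out = t->id;
    return 0;
}

/* Each single check on its own lets one failure form reach a dereference. */
static int null_check_misses_err(void) { return lookup_cotable(CTX_BAD_TYPE) != NULL; }
static int is_err_misses_null(void) { return !IS_ERR(lookup_cotable(CTX_UNINIT)); }

int main(void)
{
    int id = 0;
    int rc = use_cotable(CTX_READY, &id);
    printf("ready: rc=%d id=%d, uninit: rc=%d\n", rc, id, use_cotable(CTX_UNINIT, &id));
    return 0;
}
```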

5.5 Medium

CVSS3

Weaknesses

CWE-476

Related vulnerabilities

ubuntu
almost 2 years ago

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

CVSS3: 5.5
redhat
almost 2 years ago

[REJECTED CVE] In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix possible null pointer derefence with invalid contexts. The Linux kernel CVE team has assigned CVE-2024-26979 to this issue.

nvd
almost 2 years ago

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

msrc
more than 1 year ago

No description available

suse-cvrf
more than 1 year ago

Security update for the Linux Kernel
