Executive Summary

Informations
Name CVE-2024-46698 First vendor Publication 2024-09-13
Vendor Cve Last vendor Modification 2024-09-13

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Overall CVSS Score 5.5
Base Score 5.5 Environmental Score 5.5
impact SubScore 3.6 Temporal Score 5.5
Exploitabality Sub Score 1.8
 
Attack Vector Local Attack Complexity Low
Privileges Required Low User Interaction None
Scope Unchanged Confidentiality Impact None
Integrity Impact None Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

In the Linux kernel, the following vulnerability has been resolved:

video/aperture: optionally match the device in sysfb_disable()

In aperture_remove_conflicting_pci_devices(), we currently only call sysfb_disable() on vga class devices. This leads to the following problem when the pimary device is not VGA compatible:

1. A PCI device with a non-VGA class is the boot display 2. That device is probed first and it is not a VGA device so
sysfb_disable() is not called, but the device resources
are freed by aperture_detach_platform_device() 3. Non-primary GPU has a VGA class and it ends up calling sysfb_disable() 4. NULL pointer dereference via sysfb_disable() since the resources
have already been freed by aperture_detach_platform_device() when
it was called by the other device.

Fix this by passing a device pointer to sysfb_disable() and checking the device to determine if we should execute it or not.

v2: Fix build when CONFIG_SCREEN_INFO is not set v3: Move device check into the mutex
Drop primary variable in aperture_remove_conflicting_pci_devices()
Drop __init on pci sysfb_pci_dev_is_enabled()

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46698

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-476 NULL Pointer Dereference

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 8
Os 3604

Sources (Detail)

https://git.kernel.org/stable/c/17e78f43de0c6da34204cc858b4cc05671ea9acf
https://git.kernel.org/stable/c/b49420d6a1aeb399e5b107fc6eb8584d0860fbd7
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
Date Informations
2024-10-03 02:53:44
  • Multiple Updates
2024-10-02 02:52:08
  • Multiple Updates
2024-09-15 00:27:26
  • Multiple Updates
2024-09-14 02:47:53
  • Multiple Updates
2024-09-14 02:47:17
  • Multiple Updates
2024-09-13 21:27:29
  • Multiple Updates
2024-09-13 13:27:27
  • First insertion