Bugzilla – Bug 1219615
VUL-0: CVE-2024-22386: kernel: null pointer dereference due to race in drm/exynos in exynos_drm_crtc_atomic_disable() function
Last modified: 2024-03-04 16:18:00 UTC
A race condition was found in the Linux kernel's drm/exynos device driver in exynos_drm_crtc_atomic_disable() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-22386 https://www.cve.org/CVERecord?id=CVE-2024-22386 https://bugzilla.openanolis.cn/show_bug.cgi?id=8147
Advisory is not public yet, but probably refer to this upstream commit: https://github.com/torvalds/linux/commit/2e63972a2de14482d0eae1a03a73e379f1c3f44c Based on this commit the codestream affected are: - cve/linux-5.14 - cve/linux-4.12 - cve/linux-5.3
SP4, SP5, SP6: config/arm64/default:# CONFIG_DRM_EXYNOS is not set (armv7l has it, but we do not ship arm32bit product.) I would declare us as unaffected.
Ok, thanks Markus, closing it as resolved.