Bugzilla – Bug 1222324
VUL-0: CVE-2024-26662: kernel: drm/amd/display: Fix 'panel_cntl' could be null in 'dcn21_set_backlight_level()'
Last modified: 2024-07-02 07:23:19 UTC
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix 'panel_cntl' could be null in 'dcn21_set_backlight_level()' 'panel_cntl' structure used to control the display panel could be null, dereferencing it could lead to a null pointer access. Fixes the below: drivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn21/dcn21_hwseq.c:269 dcn21_set_backlight_level() error: we previously assumed 'panel_cntl' could be null (see line 250) References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26662 https://git.kernel.org/stable/c/e96fddb32931d007db12b1fce9b5e8e4c080401b https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2024/CVE-2024-26662.mbox https://git.kernel.org/stable/c/2e150ccea13129eb048679114808eb9770443e4d https://git.kernel.org/stable/c/0c863cab0e9173f8b6c7bc328bee3b8625f131b5 https://www.cve.org/CVERecord?id=CVE-2024-26662 https://bugzilla.redhat.com/show_bug.cgi?id=2272786
@Thomas: Can you please check: ./scripts/check-kernel-fix CVE-2024-26662 e96fddb32931 ("drm/amd/display: Fix 'panel_cntl' could be null in 'dcn21_set_backlight_level()'") merged v6.8-rc4~21^2~1^2~15 Fixes: 474ac4a875ca ("drm/amd/display: Implement some asic specific abm call backs.") merged v5.9-rc1~134^2~19^2~484 Security fix for CVE-2024-26662 bsc#1222324 with CVSS 5.5 .............................. ACTION NEEDED! SLE15-SP5: MANUAL: backport e96fddb32931d007db12b1fce9b5e8e4c080401b (Fixes 474ac4a875ca)
> ACTION NEEDED! > SLE15-SP5: MANUAL: backport e96fddb32931d007db12b1fce9b5e8e4c080401b (Fixes > 474ac4a875ca) SLE15-SP5 is not affected. I blacklisted the fix.