CVE-2024-49990

Published: Oct 21, 2024Modified: Oct 28, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: drm/xe/hdcp: Check GSC structure validity Sometimes xe_gsc is not initialized when checked at HDCP capability check. Add gsc structure check to avoid null pointer error.

Affected (2)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Before 6.10.14
Linux Linux Kernel	From 6.11 to 6.11.3

Related CWEs

CWE-908

Use of Uninitialized Resource

The product uses or accesses a resource that has not been initialized.

References (3)

https://git.kernel.org/stable/c/7266a424b1e502745170322e3c27f697d12de627

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/b4224f6bae3801d589f815672ec62800a1501b0d

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/c940627857eedca8407b84b40ceb4252b100d291

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

Timeline

No history available yet.