CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-49916: drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn401_init_hw

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn401_init_hw

This commit addresses a potential null pointer dereference issue in the
`dcn401_init_hw` function. The issue could occur when `dc->clk_mgr` or
`dc->clk_mgr->funcs` is null.

The fix adds a check to ensure `dc->clk_mgr` and `dc->clk_mgr->funcs` is
not null before accessing its functions. This prevents a potential null
pointer dereference.

Reported by smatch:
drivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn401/dcn401_hwseq.c:416 dcn401_init_hw() error: we previously assumed 'dc->clk_mgr' could be null (see line 225)

Classification

CVE ID: CVE-2024-49916

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.03% (probability of being exploited)

EPSS Percentile: 7.33% (scored less or equal to compared to others)

EPSS Date: 2025-06-02 (when was this score calculated)

Stakeholder-Specific Vulnerability Categorization (SSVC)

SSVC Exploitation: none

SSVC Technical Impact: partial

SSVC Automatable: false

References

https://nvd.nist.gov/vuln/detail/CVE-2024-49916
https://git.kernel.org/stable/c/ac1c41e318074d8a9ea925787e366be15d7645e8
https://git.kernel.org/stable/c/4b6377f0e96085cbec96eb7f0b282430ccdd3d75

Timeline

2025-03-06 09:45:31 UTC
Tenable Plugins

Linux Distros Unpatched Vulnerability : CVE-2024-49916
2025-05-04 10:40:20 UTC
CVE

drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn401_init_hw