CVE-2024-53115: drm/vmwgfx: avoid null_ptr_deref in vmw_framebuffer_surface_create_handle

0.0 CVSS

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/vmwgfx: avoid null_ptr_deref in vmw_framebuffer_surface_create_handle

The 'vmw_user_object_buffer' function may return NULL with incorrect
inputs. To avoid possible null pointer dereference, add a check whether
the 'bo' is NULL in the vmw_framebuffer_surface_create_handle.

Classification

CVE ID: CVE-2024-53115

CVSS Base Severity: LOW

CVSS Base Score: 0.0

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.44% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://git.kernel.org/stable/c/36f64da080555175b58d85f99f5f90435e274e56
https://git.kernel.org/stable/c/93d1f41a82de382845af460bf03bcb17dcbf08c5

Timeline

2024-12-03 00:12:48 UTC
CVE

drm/vmwgfx: avoid null_ptr_deref in vmw_framebuffer_surface_create_handle