Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

CVE-2024-43906— drm/admgpu: fix dereferencing null pointer context

AI Predicted 5.5 Difficulty: Moderate EPSS 0.21% · P11

Affected Version Matrix 8

VendorProductVersion RangeStatus
LinuxLinux896b7addf2dc24908ad87f8ebeff83b2a83b8e04< 641dac64178ccdb9e45c92b67120316896294d05affected
896b7addf2dc24908ad87f8ebeff83b2a83b8e04< 4fd52f7c2c11d330571c6bde06e5ea508ec25c9daffected
896b7addf2dc24908ad87f8ebeff83b2a83b8e04< 030ffd4d43b433bc6671d9ec34fc12c59220b95daffected
6.2affected
< 6.2unaffected
6.6.46≤ 6.6.*unaffected
6.10.5≤ 6.10.*unaffected
6.11≤ *unaffected
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-43906

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
drm/admgpu: fix dereferencing null pointer context
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: drm/admgpu: fix dereferencing null pointer context When user space sets an invalid ta type, the pointer context will be empty. So it need to check the pointer context before using it
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于未检查context指针是否为空,导致空指针取消引用。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux 896b7addf2dc24908ad87f8ebeff83b2a83b8e04 ~ 641dac64178ccdb9e45c92b67120316896294d05 -
LinuxLinux 6.2 -

II. Public POCs for CVE-2024-43906

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2024-43906

登录查看更多情报信息。

Other References for CVE-2024-43906 (3)

Same Patch Batch · Linux · 2024-08-26 · 39 CVEs total

CVE-2024-44934net: bridge: mcast: wait for previous gc cycles when removing port
CVE-2024-43909drm/amdgpu/pm: Fix the null pointer dereference for smu7
CVE-2024-43910bpf: add missing check_func_arg_reg_off() to prevent out-of-bounds memory accesses
CVE-2024-43911wifi: mac80211: fix NULL dereference at band check in starting tx ba session
CVE-2024-43912wifi: nl80211: disallow setting special AP channel widths
CVE-2024-43913nvme: apple: fix device reference counting
CVE-2024-43914md/raid5: avoid BUG_ON() while continue reshape after reassembling
CVE-2024-44931gpio: prevent potential speculation leaks in gpio_device_get_desc()
CVE-2024-44932idpf: fix UAFs when destroying the queues
CVE-2024-44933bnxt_en : Fix memory out-of-bounds in bnxt_fill_hw_rss_tbl()
CVE-2024-43908drm/amdgpu: Fix the null pointer dereference to ras_manager
CVE-2024-44935sctp: Fix null-ptr-deref in reuseport_add_sock().
CVE-2024-44936power: supply: rt5033: Bring back i2c_set_clientdata
CVE-2024-44937platform/x86: intel-vbtn: Protect ACPI notify handler against recursion
CVE-2024-44938jfs: Fix shift-out-of-bounds in dbDiscardAG
CVE-2024-44939jfs: fix null ptr deref in dtInsertEntry
CVE-2024-44940fou: remove warn in gue_gro_receive on unsupported protocol
CVE-2024-44941f2fs: fix to cover read extent cache access with lock
CVE-2024-44942f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC
CVE-2024-43896ASoC: cs-amp-lib: Fix NULL pointer crash if efi.get_variable is NULL

Showing top 20 of 39 CVEs. View all on vendor page &rarr; →

IV. Related Vulnerabilities

V. Comments for CVE-2024-43906

No comments yet


Leave a comment