CVE-2024-49911

drm/amd/display: Add NULL check for function pointer in dcn20_set_output_transfer_func

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL check for function pointer in dcn20_set_output_transfer_func This commit adds a null check for the set_output_gamma function pointer in the dcn20_set_output_transfer_func function. Previously, set_output_gamma was being checked for null at line 1030, but then it was being dereferenced without any null check at line 1048. This could potentially lead to a null pointer dereference error if set_output_gamma is null. To fix this, we now ensure that set_output_gamma is not null before dereferencing it. We do this by adding a null check for set_output_gamma before the call to set_output_gamma at line 1048.

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.03%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/e8a24767899c86f4c5f1e4d3b2608942d054900f
https://git.kernel.org/stable/c/8c854138b593efbbd8fa46a25f3288c121c1d1a1
https://git.kernel.org/stable/c/02411e9359297512946705b1cd8cf5e6b0806fa0 patch
https://git.kernel.org/stable/c/827380b114f83c30b3e56d1a675980b6d65f7c88 patch
https://git.kernel.org/stable/c/62ed6f0f198da04e884062264df308277628004f patch

Frequently Asked Questions

What is the severity of CVE-2024-49911?
CVE-2024-49911 has been scored as a medium severity vulnerability.
How to fix CVE-2024-49911?
To fix CVE-2024-49911, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-49911 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-49911 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-49911?
CVE-2024-49911 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.