CVE-2024-53056

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Nov 19, 2024
Updated: Nov 22, 2024
CWE ID 476

Summary

CVE-2024-53056 is a vulnerability affecting the Linux kernel that has been addressed. In the context of the Mediatek drm subsystem, a NULL dereference issue was identified in the function mtk_crtc_destroy(). This occurs when mtk_crtc_create() fails to obtain a channel during initialization, resulting in a NULL pointer for mtk_crtc->cmdq_client.chan. Subsequently, during cleanup, cmdq_pkt_destroy() is called unnecessarily on this NULL pointer, resulting in a potential NULL dereference. This issue has been rectified to prevent such unwarranted calls to cmdq_pkt_destroy().

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share