CVE-2024-56666

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Dec 27, 2024
Updated: Jan 6, 2025
CWE ID 476

Summary

CVE-2024-56666 is a newly identified vulnerability in the Linux kernel. Specifically, in the drm/amdkfd driver, the function pqm_uninit contains a call-assignment of "pdd = kfd_get_process_device_data," which may return null. This null value was later dereferenced without proper checking, leading to a potential dereference of a null pointer. If exploited, this vulnerability could result in system instability or even a complete system crash. Linux users are encouraged to apply the relevant patch as soon as possible to mitigate this issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share