{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-36014", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-17T13:50:33.153Z", "datePublished": "2024-05-29T06:06:25.631Z", "dateUpdated": "2024-11-05T09:26:48.127Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:26:48.127Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/arm/malidp: fix a possible null pointer dereference\n\nIn malidp_mw_connector_reset, new memory is allocated with kzalloc, but\nno check is performed. In order to prevent null pointer dereferencing,\nensure that mw_state is checked before calling\n__drm_atomic_helper_connector_reset."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/arm/malidp_mw.c"], "versions": [{"version": "8cbc5caf36ef", "lessThan": "b6cc5dd06336", "status": "affected", "versionType": "git"}, {"version": "8cbc5caf36ef", "lessThan": "565d9ad7e5a1", "status": "affected", "versionType": "git"}, {"version": "8cbc5caf36ef", "lessThan": "a5fa5b40a278", "status": "affected", "versionType": "git"}, {"version": "8cbc5caf36ef", "lessThan": "3e54d4e95120", "status": "affected", "versionType": "git"}, {"version": "8cbc5caf36ef", "lessThan": "e4b52d493833", "status": "affected", "versionType": "git"}, {"version": "8cbc5caf36ef", "lessThan": "335cc45ef2b8", "status": "affected", "versionType": "git"}, {"version": "8cbc5caf36ef", "lessThan": "b77620730f61", "status": "affected", "versionType": "git"}, {"version": "8cbc5caf36ef", "lessThan": "93f76ec1eddc", "status": "affected", "versionType": "git"}, {"version": "8cbc5caf36ef", "lessThan": "a1f95aede628", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/arm/malidp_mw.c"], "versions": [{"version": "4.19", "status": "affected"}, {"version": "0", "lessThan": "4.19", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.316", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.278", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.219", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.161", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.93", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.33", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.12", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9.3", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/b6cc5dd06336ed8bb3a7a1fc5aaf7d5e88bc0818"}, {"url": "https://git.kernel.org/stable/c/565d9ad7e5a18eb69ed8b66a9e9bb3f45346520c"}, {"url": "https://git.kernel.org/stable/c/a5fa5b40a278a3ca978fed64707bd27614adb1eb"}, {"url": "https://git.kernel.org/stable/c/3e54d4e95120641216dfe91a6c49f116a9f68490"}, {"url": "https://git.kernel.org/stable/c/e4b52d49383306ef73fd1bd9102538beebb0fe07"}, {"url": "https://git.kernel.org/stable/c/335cc45ef2b81b68be63c698b4f867a530bdf7a5"}, {"url": "https://git.kernel.org/stable/c/b77620730f614059db2470e8ebab3e725280fc6d"}, {"url": "https://git.kernel.org/stable/c/93f76ec1eddce60dbb5885cbc0d7df54adee4639"}, {"url": "https://git.kernel.org/stable/c/a1f95aede6285dba6dd036d907196f35ae3a11ea"}], "title": "drm/arm/malidp: fix a possible null pointer dereference", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-13T20:39:41.355184Z", "id": "CVE-2024-36014", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-13T20:39:53.091Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:30:12.131Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/b6cc5dd06336ed8bb3a7a1fc5aaf7d5e88bc0818", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/565d9ad7e5a18eb69ed8b66a9e9bb3f45346520c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a5fa5b40a278a3ca978fed64707bd27614adb1eb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3e54d4e95120641216dfe91a6c49f116a9f68490", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e4b52d49383306ef73fd1bd9102538beebb0fe07", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/335cc45ef2b81b68be63c698b4f867a530bdf7a5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b77620730f614059db2470e8ebab3e725280fc6d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/93f76ec1eddce60dbb5885cbc0d7df54adee4639", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a1f95aede6285dba6dd036d907196f35ae3a11ea", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/b6cc5dd06336ed8bb3a7a1fc5aaf7d5e88bc0818", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/565d9ad7e5a18eb69ed8b66a9e9bb3f45346520c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a5fa5b40a278a3ca978fed64707bd27614adb1eb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3e54d4e95120641216dfe91a6c49f116a9f68490", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e4b52d49383306ef73fd1bd9102538beebb0fe07", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/335cc45ef2b81b68be63c698b4f867a530bdf7a5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b77620730f614059db2470e8ebab3e725280fc6d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/93f76ec1eddce60dbb5885cbc0d7df54adee4639", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a1f95aede6285dba6dd036d907196f35ae3a11ea", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:30:12.131Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-36014", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-13T20:39:41.355184Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-13T20:39:49.711Z"}}], "cna": {"title": "drm/arm/malidp: fix a possible null pointer dereference", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "8cbc5caf36ef", "lessThan": "b6cc5dd06336", "versionType": "git"}, {"status": "affected", "version": "8cbc5caf36ef", "lessThan": "565d9ad7e5a1", "versionType": "git"}, {"status": "affected", "version": "8cbc5caf36ef", "lessThan": "a5fa5b40a278", "versionType": "git"}, {"status": "affected", "version": "8cbc5caf36ef", "lessThan": "3e54d4e95120", "versionType": "git"}, {"status": "affected", "version": "8cbc5caf36ef", "lessThan": "e4b52d493833", "versionType": "git"}, {"status": "affected", "version": "8cbc5caf36ef", "lessThan": "335cc45ef2b8", "versionType": "git"}, {"status": "affected", "version": "8cbc5caf36ef", "lessThan": "b77620730f61", "versionType": "git"}, {"status": "affected", "version": "8cbc5caf36ef", "lessThan": "93f76ec1eddc", "versionType": "git"}, {"status": "affected", "version": "8cbc5caf36ef", "lessThan": "a1f95aede628", "versionType": "git"}], "programFiles": ["drivers/gpu/drm/arm/malidp_mw.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.19"}, {"status": "unaffected", "version": "0", "lessThan": "4.19", "versionType": "custom"}, {"status": "unaffected", "version": "4.19.316", "versionType": "custom", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.278", "versionType": "custom", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.219", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.161", "versionType": "custom", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.93", "versionType": "custom", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.33", "versionType": "custom", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.8.12", "versionType": "custom", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9.3", "versionType": "custom", "lessThanOrEqual": "6.9.*"}, {"status": "unaffected", "version": "6.10", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/gpu/drm/arm/malidp_mw.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/b6cc5dd06336ed8bb3a7a1fc5aaf7d5e88bc0818"}, {"url": "https://git.kernel.org/stable/c/565d9ad7e5a18eb69ed8b66a9e9bb3f45346520c"}, {"url": "https://git.kernel.org/stable/c/a5fa5b40a278a3ca978fed64707bd27614adb1eb"}, {"url": "https://git.kernel.org/stable/c/3e54d4e95120641216dfe91a6c49f116a9f68490"}, {"url": "https://git.kernel.org/stable/c/e4b52d49383306ef73fd1bd9102538beebb0fe07"}, {"url": "https://git.kernel.org/stable/c/335cc45ef2b81b68be63c698b4f867a530bdf7a5"}, {"url": "https://git.kernel.org/stable/c/b77620730f614059db2470e8ebab3e725280fc6d"}, {"url": "https://git.kernel.org/stable/c/93f76ec1eddce60dbb5885cbc0d7df54adee4639"}, {"url": "https://git.kernel.org/stable/c/a1f95aede6285dba6dd036d907196f35ae3a11ea"}], "x_generator": {"engine": "bippy-c9c4e1df01b2"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/arm/malidp: fix a possible null pointer dereference\n\nIn malidp_mw_connector_reset, new memory is allocated with kzalloc, but\nno check is performed. In order to prevent null pointer dereferencing,\nensure that mw_state is checked before calling\n__drm_atomic_helper_connector_reset."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-07-15T06:46:50.770Z"}}}, "cveMetadata": {"cveId": "CVE-2024-36014", "state": "PUBLISHED", "dateUpdated": "2024-08-02T03:30:12.131Z", "dateReserved": "2024-05-17T13:50:33.153Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-29T06:06:25.631Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/arm/malidp: fix a possible null pointer dereference\n\nIn malidp_mw_connector_reset, new memory is allocated with kzalloc, but\nno check is performed. In order to prevent null pointer dereferencing,\nensure that mw_state is checked before calling\n__drm_atomic_helper_connector_reset."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/arm/malidp: corrige una posible desreferencia del puntero nulo En malidp_mw_connector_reset, se asigna nueva memoria con kzalloc, pero no se realiza ninguna verificaci\u00f3n. Para evitar la desreferenciaci\u00f3n del puntero nulo, aseg\u00farese de que mw_state est\u00e9 marcado antes de llamar a __drm_atomic_helper_connector_reset."}], "id": "CVE-2024-36014", "lastModified": "2024-11-21T09:21:26.237", "metrics": {}, "published": "2024-05-29T07:15:10.177", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/335cc45ef2b81b68be63c698b4f867a530bdf7a5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/3e54d4e95120641216dfe91a6c49f116a9f68490"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/565d9ad7e5a18eb69ed8b66a9e9bb3f45346520c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/93f76ec1eddce60dbb5885cbc0d7df54adee4639"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a1f95aede6285dba6dd036d907196f35ae3a11ea"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a5fa5b40a278a3ca978fed64707bd27614adb1eb"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b6cc5dd06336ed8bb3a7a1fc5aaf7d5e88bc0818"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b77620730f614059db2470e8ebab3e725280fc6d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e4b52d49383306ef73fd1bd9102538beebb0fe07"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/335cc45ef2b81b68be63c698b4f867a530bdf7a5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/3e54d4e95120641216dfe91a6c49f116a9f68490"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/565d9ad7e5a18eb69ed8b66a9e9bb3f45346520c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/93f76ec1eddce60dbb5885cbc0d7df54adee4639"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/a1f95aede6285dba6dd036d907196f35ae3a11ea"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/a5fa5b40a278a3ca978fed64707bd27614adb1eb"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/b6cc5dd06336ed8bb3a7a1fc5aaf7d5e88bc0818"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/b77620730f614059db2470e8ebab3e725280fc6d"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/e4b52d49383306ef73fd1bd9102538beebb0fe07"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: drm/arm/malidp: fix a possible null pointer dereference", "id": "2283785", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283785"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.7", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-476", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndrm/arm/malidp: fix a possible null pointer dereference\nIn malidp_mw_connector_reset, new memory is allocated with kzalloc, but\nno check is performed. In order to prevent null pointer dereferencing,\nensure that mw_state is checked before calling\n__drm_atomic_helper_connector_reset.", "A null pointer dereference vulnerability was found in the Linux kernel. In malidp_mw_connector_reset, new memory is allocated with kzalloc but no check is performed."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-36014", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-29T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-36014\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-36014\nhttps://lore.kernel.org/linux-cve-announce/2024052935-CVE-2024-36014-bcb7@gregkh/T"], "threat_severity": "Moderate", "upstream_fix": "kernel 6.10-rc1"}