In the Linux kernel, the following vulnerability has been resolved: drm/qxl: Add check for drm_cvt_mode Add check for the return value of drm_cvt_mode() and return the error if it fails in order to avoid NULL pointer dereference.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Vendors Products
Linux
  • Linux Kernel

Configuration 1 [-]

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

No data.

References
Link Providers
https://git.kernel.org/stable/c/3efe34f95b1ac8c138a46b14ce75956db0d6ee7c cve-icon cve-icon
https://git.kernel.org/stable/c/4b1f303bdeceac049e56e4b20eb5280bd9e02f4f cve-icon cve-icon
https://git.kernel.org/stable/c/4e87f592a46bb804d8f833da6ce702ae4b55053f cve-icon cve-icon
https://git.kernel.org/stable/c/62ef8d7816c8e4a6088275553818b9afc0ffaa03 cve-icon cve-icon
https://git.kernel.org/stable/c/7bd09a2db0f617377027a2bb0b9179e6959edff3 cve-icon cve-icon
https://git.kernel.org/stable/c/d4c57354a06cb4a77998ff8aa40af89eee30e07b cve-icon cve-icon
https://git.kernel.org/stable/c/f28b353c0c6c7831a70ccca881bf2db5e6785cdd cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024081726-CVE-2024-43829-72cb@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-43829 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-43829 cve-icon
History

Mon, 30 Sep 2024 13:15:00 +0000

Type Values Removed Values Added
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
Metrics cvssV3_1

{'score': 4.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H'}

 cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

Sat, 28 Sep 2024 02:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

 cvssV3_1

{'score': 4.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H'}

Wed, 11 Sep 2024 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 19 Aug 2024 19:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Moderate

Mon, 19 Aug 2024 04:45:00 +0000

Type Values Removed Values Added
References

Sat, 17 Aug 2024 09:30:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: drm/qxl: Add check for drm_cvt_mode Add check for the return value of drm_cvt_mode() and return the error if it fails in order to avoid NULL pointer dereference.
Title drm/qxl: Add check for drm_cvt_mode
References
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-08-17T09:21:48.239Z

Updated: 2024-11-05T09:40:40.568Z

Reserved: 2024-08-17T09:11:59.273Z

Link: CVE-2024-43829

cve-icon Vulnrichment

Updated: 2024-09-11T12:42:23.164Z

cve-icon NVD

Status : Analyzed

Published: 2024-08-17T10:15:08.787

Modified: 2024-09-30T12:51:56.770

Link: CVE-2024-43829

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-08-17T00:00:00Z

Links: CVE-2024-43829 - Bugzilla