Skip to main content

Early Access — Mondoo Vulnerability Intelligence is currently in preview.

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

CVE-2024-39498 | Mondoo Vulnerability Intelligence

CVE-2024-39498

MEDIUM5.5

drm/mst: Fix NULL pointer dereference at drm_dp_add_payload_part2

Published Jul 12, 2024

Modified 8 months ago

No fix available

Details

In the Linux kernel, the following vulnerability has been resolved:

drm/mst: Fix NULL pointer dereference at drm_dp_add_payload_part2

[Why] Commit:

commit 5aa1dfcdf0a4 ("drm/mst: Refactor the flow for payload allocation/removement") accidently overwrite the commit
commit 54d217406afe ("drm: use mgr->dev in drm_dbg_kms in drm_dp_add_payload_part2") which cause regression.

[How] Recover the original NULL fix and remove the unnecessary input parameter 'state' for drm_dp_add_payload_part2().

(cherry picked from commit 4545614c1d8da603e57b60dd66224d81b6ffc305)

References

WEBhttps://git.kernel.org/stable/c/5a507b7d2be15fddb95bf8dee01110b723e2bcd9 WEBhttps://git.kernel.org/stable/c/8e21de5f99b2368a5155037ce0aae8aaba3f5241 ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2024-39498

CVSS Analysis

CVSS v3.1

5.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Ecosystems

Timeline

PublishedJul 12, 2024

ModifiedMay 4, 2025