CVE-2024-56369

MEDIUM5.5

drm/modes: Avoid divide by zero harder in drm_mode_vrefresh()

Published Jan 11, 2025

Modified 2 months ago

No fix available

Details

In the Linux kernel, the following vulnerability has been resolved:

drm/modes: Avoid divide by zero harder in drm_mode_vrefresh()

drm_mode_vrefresh() is trying to avoid divide by zero by checking whether htotal or vtotal are zero. But we may still end up with a div-by-zero of vtotalhtotal...

References

WEBhttps://git.kernel.org/stable/c/47c8b6cf1d08f0ad40d7ea7b025442e51b35ee1f WEBhttps://git.kernel.org/stable/c/69fbb01e891701e6d04db1ddb5ad49e42c4dd963 WEBhttps://git.kernel.org/stable/c/9398332f23fab10c5ec57c168b44e72997d6318e WEBhttps://git.kernel.org/stable/c/b39de5a71bac5641d0fda33d1cf5682d82cf1ae5 WEBhttps://git.kernel.org/stable/c/e7c7b48a0fc5ed83baae400a1b15e33978c25d7f WEBhttps://lists.debian.org/debian-lts-announce/2025/03/msg00001.html ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2024-56369

CVSS Analysis

CVSS v3.1

5.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Ecosystems

Timeline

PublishedJan 11, 2025

ModifiedNov 3, 2025

CVE-2024-56369 | Mondoo Vulnerability Intelligence