CVE-2024-56538

HIGH7.8

drm: zynqmp_kms: Unplug DRM device before removal

Published Dec 27, 2024

Modified 8 months ago

No fix available

Details

In the Linux kernel, the following vulnerability has been resolved:

drm: zynqmp_kms: Unplug DRM device before removal

Prevent userspace accesses to the DRM device from causing use-after-frees by unplugging the device before we remove it. This causes any further userspace accesses to result in an error without further calls into this driver's internals.

References

WEBhttps://git.kernel.org/stable/c/2e07c88914fc5289c21820b1aa94f058feb38197 WEBhttps://git.kernel.org/stable/c/4fb97432e28a7e136b2d76135d50e988ada8e1af WEBhttps://git.kernel.org/stable/c/692f52aedccbf79b212a1e14e3735192b4c24a7d WEBhttps://git.kernel.org/stable/c/a17b9afe58c474657449cf87e238b1788200576b ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2024-56538

CVSS Analysis

CVSS v3.1

7.8

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

HighI:H

Availability

HighA:H

7.8/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Ecosystems

Timeline

PublishedDec 27, 2024

ModifiedMay 4, 2025