Linux Kernel Vulnerability in DRM Module Affecting Display Management
CVE-2024-56369

5.5 MEDIUM

Key Information:

Vendor: Linux
Status: Vendor
CVE Published: 11 January 2025

Summary

A vulnerability exists in the Linux kernel's DRM subsystem in which the drm_mode_vrefresh() function does not fully guard against division by zero. Although the function checks whether htotal or vtotal is zero, an edge case can still lead to a division-by-zero error, resulting in potential system instability or crashes. This has prompted the need for a critical update to ensure the robustness of the display management functionality.

Affected Version(s)

Linux 2f0e9d804935970a4ce0f58dd046b41881bfd8f3

Linux 2f0e9d804935970a4ce0f58dd046b41881bfd8f3 < 69fbb01e891701e6d04db1ddb5ad49e42c4dd963



CVSS V3.1

Score: 5.5
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
