Linux Kernel Vulnerability in Rockchip's Samsung HDPTX Implementation
CVE-2024-57799

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 11 January 2025

Summary

A vulnerability exists within the Linux kernel related to Rockchip's Samsung HDPTX implementation. Specifically, during the probe process, the function rk_hdptx_phy_runtime_resume() may be invoked before platform_set_drvdata() has been executed. This sequence can lead to a NULL pointer dereference when the return value from dev_get_drvdata() is accessed, resulting in potential system instability. Developers are advised to ensure platform_set_drvdata() is called before devm_pm_runtime_enable() to mitigate this issue effectively.

Affected Version(s)

Linux 553be2830c5f33308483e8118de748a2c69fe593 < 7061849a4a1752a06944a819dd1f7bfd58df7383

Linux 553be2830c5f33308483e8118de748a2c69fe593 < 9d23e48654620fdccfcc74cc2cef04eaf7353d07

Linux 6.9

References

https://git.kernel.org/stable/c/7061849a4a1752a06944a819d...

https://git.kernel.org/stable/c/9d23e48654620fdccfcc74cc2...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 11, 2025
Vulnerability Reserved
Jan 11, 2025