vulnerability
Oracle Linux: CVE-2024-26649: ELSA-2024-7000: kernel security update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:L/AC:L/Au:M/C:N/I:N/A:C) | 2024-03-26 | 2024-10-16 | 2024-12-10 |
Severity
4
CVSS
(AV:L/AC:L/Au:M/C:N/I:N/A:C)
Published
2024-03-26
Added
2024-10-16
Modified
2024-12-10
Description
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: Fix the null pointer when load rlc firmware
If the RLC firmware is invalid because of wrong header size,
the pointer to the rlc firmware is released in function
amdgpu_ucode_request. There will be a null pointer error
in subsequent use. So skip validation to fix it.
A vulnerability was found in the drm/amdgpu driver of Linux Kernel, causing null pointer dereference when attempting to load RLC (Run-Length Coding) firmware. This issue arises if the firmware has an incorrect header size, causing premature release of the firmware pointer in amdgpu_ucode_request(), subsequently attempts to use the nullified pointer result in errors.
drm/amdgpu: Fix the null pointer when load rlc firmware
If the RLC firmware is invalid because of wrong header size,
the pointer to the rlc firmware is released in function
amdgpu_ucode_request. There will be a null pointer error
in subsequent use. So skip validation to fix it.
A vulnerability was found in the drm/amdgpu driver of Linux Kernel, causing null pointer dereference when attempting to load RLC (Run-Length Coding) firmware. This issue arises if the firmware has an incorrect header size, causing premature release of the firmware pointer in amdgpu_ucode_request(), subsequently attempts to use the nullified pointer result in errors.
Solution
oracle-linux-upgrade-kernel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.