vulnerability

Red Hat: CVE-2024-57798: kernel: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (Multiple Advisories)

Name: Red Hat: CVE-2024-57798: kernel: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (Multiple Advisories)
Creator: Red Hat
Published: 2025-01-11T00:00:00.000Z
Keywords: CVE, CWE-416, CWE-476, Red Hat, 2024, 57798, kernel, redhat-upgrade-kernel, redhat-upgrade-kernel-rt, Severity 7

Try Surface Command

Back to search

Severity

CVSS

(AV:L/AC:L/Au:M/C:C/I:C/A:C)

Published

Jan 11, 2025

Added

May 15, 2025

Modified

Jun 12, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req()

While receiving an MST up request message from one thread in
drm_dp_mst_handle_up_req(), the MST topology could be removed from
another thread via drm_dp_mst_topology_mgr_set_mst(false), freeing
mst_primary and setting drm_dp_mst_topology_mgr::mst_primary to NULL.
This could lead to a NULL deref/use-after-free of mst_primary in
drm_dp_mst_handle_up_req().

Avoid the above by holding a reference for mst_primary in
drm_dp_mst_handle_up_req() while it's used.

v2: Fix kfreeing the request if getting an mst_primary reference fails.

Solutions

redhat-upgrade-kernelredhat-upgrade-kernel-rt

References

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report