Linux Kernel drm/sti Error Pointer Dereference Vulnerability

Vulnerability

A vulnerability in the Linux kernel's Direct Rendering Manager (DRM) subsystem, specifically within the STI (Société de Transport de l'Île) driver, has been addressed. The issue involved a potential dereference of error pointers, which could lead to unintended behavior. The vulnerability arose because the return value of the 'drm_atomic_get_crtc_state()' function was not properly checked, allowing for the possibility of using an erroneous 'crtc_state' pointer in the event of a failure.

Impact

The vulnerability could lead to a null pointer dereference, potentially causing a system crash or other unintended behavior.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel drm/sti Error Pointer Dereference Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating