Linux Kernel NULL Pointer Dereference Vulnerability in AMD Display Driver

A vulnerability allowing a NULL pointer dereference has been identified in the Linux kernel's AMD display driver. This issue arises in the 'drm/amd/display' component, specifically within the 'amdgpu_dm' display manager. The vulnerability exists because the functions 'drm_atomic_get_new_connector_state()' and 'drm_atomic_get_old_connector_state()' can potentially return NULL, although this is unlikely. The problem has been addressed by adding a check to ensure these functions do not return NULL before dereferencing them.

Impact

Exploitation of this vulnerability could lead to a NULL pointer dereference, causing a crash or undefined behavior in the kernel.

Reproduction

The vulnerability can be reproduced by invoking the 'amdgpu_dm_connector_atomic_check' function without proper validation of the connector state. This can be done by simulating a scenario where the 'drm_atomic_get_new_connector_state()' or 'drm_atomic_get_old_connector_state()' functions return NULL. The absence of a NULL check before dereferencing these states can be exploited, leading to a crash or instability.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been patched. The specific commit addressing this issue is available in the Linux kernel stable tree.