SB20240531419 - NULL pointer dereference in Linux kernel drm tegra driver

Description

This security bulletin contains information about 1 security vulnerability.

1) NULL pointer dereference (CVE-ID: CVE-2023-52650)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the tegra_dsi_ganged_probe() function in drivers/gpu/drm/tegra/dsi.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://git.kernel.org/stable/c/47a13d0b9d8527518639ab5c39667f69d6203e80
• https://git.kernel.org/stable/c/f05631a8525c3b5e5994ecb1304d2d878956c0f5
• https://git.kernel.org/stable/c/92003981a6df5dc84af8a5904f8ee112fa324129
• https://git.kernel.org/stable/c/93128052bf832359531c3c0a9e3567b2b8682a2d
• https://git.kernel.org/stable/c/50c0ad785a780c72a2fdaba10b38c645ffb4eae6
• https://git.kernel.org/stable/c/52aa507148c4aad41436e2005d742ffcafad9976
• https://git.kernel.org/stable/c/c5d2342d24ef6e08fc90a529fe3dc59de421a2b9
• https://git.kernel.org/stable/c/3169eaf1365541fd8e521091010c44fbe14691fc
• https://git.kernel.org/stable/c/afe6fcb9775882230cd29b529203eabd5d2a638d
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.311
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.214
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.153
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.273
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.83
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.23
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.7.11
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8.2