Vulnerability identifier: #VU92915
Vulnerability risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID:
CWE-476
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the msm_dsi_phy_driver_unregister() function in drivers/gpu/drm/msm/dsi/phy/dsi_phy.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Linux kernel: All versions
External links
https://git.kernel.org/stable/c/6d9f8ba28f3747ca0f910a363e46f1114856dbbe
https://git.kernel.org/stable/c/ca63eeb70fcb53c42e1fe54e1735a54d8e7759fd
https://git.kernel.org/stable/c/581317b1f001b7509041544d7019b75571daa100
https://git.kernel.org/stable/c/79c0b5287ded74f4eacde4dfd8aa0a76cbd853b5
https://git.kernel.org/stable/c/56480fb10b976581a363fd168dc2e4fbee87a1a7
https://git.kernel.org/stable/c/2b7e7df1eacd280e561ede3e977853606871c951
https://git.kernel.org/stable/c/5e761a2287234bc402ba7ef07129f5103bcd775c
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.