CVE-2024-57798
ADVISORY - nistSummary
In the Linux kernel, the following vulnerability has been resolved:
drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req()
While receiving an MST up request message from one thread in drm_dp_mst_handle_up_req(), the MST topology could be removed from another thread via drm_dp_mst_topology_mgr_set_mst(false), freeing mst_primary and setting drm_dp_mst_topology_mgr::mst_primary to NULL. This could lead to a NULL deref/use-after-free of mst_primary in drm_dp_mst_handle_up_req().
Avoid the above by holding a reference for mst_primary in drm_dp_mst_handle_up_req() while it's used.
v2: Fix kfreeing the request if getting an mst_primary reference fails.
EPSS Score: 0.00029 (0.075)
Common Weakness Enumeration (CWE)
NIST
CVSS SCORE
7.8highDebian
CREATED
UPDATED
ADVISORY IDCVE-2024-57798
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Ubuntu
CREATED
UPDATED
ADVISORY IDCVE-2024-57798
EXPLOITABILITY SCORE
1.8
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
7.8highAmazon
CREATED
UPDATED
ADVISORY IDALAS2023-2025-809
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AhighOracle
CREATED
UPDATED
ADVISORY IDELSA-2025-20480
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AhighOracle
CREATED
UPDATED
ADVISORY IDELSA-2025-20530
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AhighOracle
CREATED
UPDATED
ADVISORY IDELSA-2025-6966
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AmediumPhoton
CREATED
UPDATED
ADVISORY ID
CVE-2024-57798
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-