CVE-2024-50117

Updated: 2025-02-27 14:00:26.028912

Description:

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Guard against bad data for ATIF ACPI method If a BIOS provides bad data in response to an ATIF method call this causes a NULL pointer dereference in the caller. ``` ? show_regs (arch/x86/kernel/dumpstack.c:478 (discriminator 1)) ? __die (arch/x86/kernel/dumpstack.c:423 arch/x86/kernel/dumpstack.c:434) ? page_fault_oops (arch/x86/mm/fault.c:544 (discriminator 2) arch/x86/mm/fault.c:705 (discriminator 2)) ? do_user_addr_fault (arch/x86/mm/fault.c:440 (discriminator 1) arch/x86/mm/fault.c:1232 (discriminator 1)) ? acpi_ut_update_object_reference (drivers/acpi/acpica/utdelete.c:642) ? exc_page_fault (arch/x86/mm/fault.c:1542) ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:623) ? amdgpu_atif_query_backlight_caps.constprop.0 (drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c:387 (discriminator 2)) amdgpu ? amdgpu_atif_query_backlight_caps.constprop.0 (drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c:386 (discriminator 1)) amdgpu ``` It has been encountered on at least one system, so guard for it. (cherry picked from commit c9b7c809b89f24e9372a4e7f02d64c950b07fdee)


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x MEDIUM 5.5

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement
AlmaLinux 9.2 ESU kernel 5.14.0 5.5 MEDIUM Ignored 2025-03-02 21:45:31
CentOS 8.4 ELS kernel 4.18.0 5.5 MEDIUM Ignored 2025-03-02 21:45:31
CentOS 8.5 ELS kernel 4.18.0 5.5 MEDIUM Ignored 2025-03-02 21:45:31
CentOS Stream 8 ELS kernel 4.18.0 5.5 MEDIUM Ignored 2025-03-02 21:45:31
Ubuntu 16.04 ELS linux 4.4.0 5.5 MEDIUM Released CLSA-2025:1742319829 2025-03-18 23:41:33
Ubuntu 16.04 ELS linux-hwe 4.15.0 5.5 MEDIUM Released CLSA-2025:1742321198 2025-03-18 23:41:48
Ubuntu 18.04 ELS linux 4.15.0 5.5 MEDIUM Released CLSA-2025:1742319747 2025-03-18 23:42:06