CVE-2024-57798

Updated: 2026-02-27 01:27:03.993415

Description:

In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() While receiving an MST up request message from one thread in drm_dp_mst_handle_up_req(), the MST topology could be removed from another thread via drm_dp_mst_topology_mgr_set_mst(false), freeing mst_primary and setting drm_dp_mst_topology_mgr::mst_primary to NULL. This could lead to a NULL deref/use-after-free of mst_primary in drm_dp_mst_handle_up_req(). Avoid the above by holding a reference for mst_primary in drm_dp_mst_handle_up_req() while it's used. v2: Fix kfreeing the request if getting an mst_primary reference fails.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0.0
CVSS Version 3.x HIGH 7.8

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement
AlmaLinux 9.2 ESU kernel 5.14.0 7.8 HIGH Released CLSA-2025:1743193221 2025-03-29 03:48:32
CentOS 6 ELS kernel 2.6.32 7.8 HIGH Not Vulnerable 2025-02-24 06:40:08
CentOS 7 ELS kernel 3.10.0 7.8 HIGH Released CLSA-2025:1740649075 2025-03-14 23:27:28
CentOS 8.4 ELS kernel 4.18.0 7.8 HIGH Released CLSA-2025:1747688514 2025-05-21 01:45:46
CentOS 8.5 ELS kernel 4.18.0 7.8 HIGH Released CLSA-2025:1747688831 2025-05-21 01:45:47
CentOS Stream 8 ELS kernel 4.18.0 7.8 HIGH Released CLSA-2025:1742472545 2025-03-21 03:33:13
CloudLinux 6 ELS kernel 2.6.32 7.8 HIGH Not Vulnerable 2025-02-24 06:40:08
CloudLinux 7 ELS kernel 3.10.0 7.8 HIGH Ignored 2025-02-24 06:40:07 CloudLinux 6 and 7 support is limited and provided on demand. We strongly recommend upgrading to Clo...
Oracle Linux 6 ELS kernel 2.6.32 7.8 HIGH Not Vulnerable 2025-02-24 06:40:07
Oracle Linux 7 ELS kernel 3.10.0 7.8 HIGH Released CLSA-2025:1742322442 2025-03-25 03:28:40
Total: 15