CVE-2024-57887

Updated: 2025-02-12 00:17:00.769348

Description:

In the Linux kernel, the following vulnerability has been resolved: drm: adv7511: Fix use-after-free in adv7533_attach_dsi() The host_node pointer was assigned and freed in adv7533_parse_dt(), and later, adv7533_attach_dsi() uses the same. Fix this use-after-free issue by dropping of_node_put() in adv7533_parse_dt() and calling of_node_put() in error path of probe() and also in the remove().


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x HIGH 7.8

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

AlmaLinux 9.2 ESU kernel 5.14.0 7.8 HIGH Needs Triage 2025-01-25 23:57:22
AlmaLinux 9.2 FIPS kernel 5.14.0 7.8 HIGH Needs Triage 2025-01-25 23:57:20
CentOS 8.4 ELS kernel 4.18.0 7.8 HIGH Needs Triage 2025-01-25 23:57:24
CentOS 8.5 ELS kernel 4.18.0 7.8 HIGH Needs Triage 2025-01-25 23:57:23
CentOS Stream 8 ELS kernel 4.18.0 7.8 HIGH Not Vulnerable 2025-02-19 06:50:14
Ubuntu 16.04 ELS linux-hwe 4.15.0 7.8 HIGH Released CLSA-2025:1738696174 2025-02-05 02:14:57
Ubuntu 18.04 ELS linux 4.15.0 7.8 HIGH Released CLSA-2025:1738852812 2025-02-07 11:22:47