CVE-2024-26721: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved: drm/i915/dsc: Fix the macro that calculates DSCC_/DSCA_ PPS reg address Commit bd077259d0a9 ("drm/i915/vdsc: Add function to read any PPS register") defines a new macro to calculate the DSC PPS register addresses with PPS number as an input. This macro correctly calculates the addresses till PPS 11 since the addresses increment by 4. So in that case the following macro works correctly to give correct register address: _MMIO(_DSCA_PPS_0 + (pps) * 4) However after PPS 11, the register address for PPS 12 increments by 12 because of RC Buffer memory allocation in between. Because of this discontinuity in the address space, the macro calculates wrong addresses for PPS 12 - 16 resulting into incorrect DSC PPS parameter value read/writes causing DSC corruption. This fixes it by correcting this macro to add the offset of 12 for PPS >=12. v3: Add correct paranthesis for pps argument (Jani Nikula) (cherry picked from commit 6074be620c31dc2ae11af96a1a5ea95580976fb5)
AI Analysis
Technical Summary
CVE-2024-26721 is a vulnerability in the Linux kernel's Direct Rendering Manager (DRM) subsystem, specifically within the Intel i915 graphics driver related to Display Stream Compression (DSC) Picture Parameter Set (PPS) register address calculation. The vulnerability arises from an incorrect macro used to compute the memory-mapped I/O (MMIO) register addresses for DSC PPS registers beyond PPS 11. The original macro assumed a uniform increment of 4 bytes between consecutive PPS registers, which holds true up to PPS 11. However, starting at PPS 12, the register address increments by 12 bytes due to the presence of RC Buffer memory allocation, causing a discontinuity in the address space. This discrepancy leads to incorrect register address calculations for PPS 12 through PPS 16, resulting in erroneous read/write operations on DSC PPS parameters. Consequently, this can cause DSC corruption, potentially affecting the integrity of compressed display data. The patch corrects the macro by adding an offset of 12 bytes for PPS values greater than or equal to 12, ensuring accurate register address computation. The fix also includes proper parenthesis usage for the macro argument to prevent operator precedence issues. This vulnerability is rooted in a low-level hardware driver component, impacting the graphics subsystem's ability to correctly handle compressed video streams, which could degrade display quality or cause instability in graphics rendering. No known exploits are currently reported in the wild, and the vulnerability requires kernel-level access to manifest, limiting its exploitation scope. However, because it affects the Linux kernel's graphics driver, it is relevant for any Linux systems using Intel integrated graphics with DSC support, particularly in environments where high-fidelity video compression and display are critical.
Potential Impact
For European organizations, the impact of CVE-2024-26721 primarily concerns systems running Linux with Intel integrated graphics that utilize DSC technology. This includes a wide range of devices from desktops and laptops to servers with graphical output capabilities. The DSC corruption caused by incorrect register addressing could lead to degraded visual output, display artifacts, or potential instability in graphical applications. In sectors such as media production, broadcasting, digital signage, and any industry relying on high-quality video streaming or visualization, this could disrupt operations or reduce output quality. Additionally, while this vulnerability does not directly expose data confidentiality or enable privilege escalation, corrupted graphics processing could indirectly affect user experience and operational reliability. For organizations deploying Linux-based thin clients or virtual desktop infrastructure (VDI) solutions with Intel graphics, this could impair remote display performance. Given the Linux kernel's widespread use in European government, research, and enterprise environments, unpatched systems might experience reduced system stability or require troubleshooting related to graphics anomalies. However, the lack of known exploits and the requirement for kernel-level access reduce the immediate risk of targeted attacks exploiting this vulnerability.
Mitigation Recommendations
To mitigate CVE-2024-26721, European organizations should prioritize applying the official Linux kernel patches that correct the DSC PPS register address calculation macro. This involves updating to the Linux kernel version that includes commit 6074be620c31dc2ae11af96a1a5ea95580976fb5 or later. System administrators should verify the kernel version and ensure that all affected systems with Intel i915 graphics drivers are updated promptly. For environments where kernel updates are challenging, consider recompiling the i915 driver with the patched macro if feasible. Additionally, organizations should monitor graphics subsystem logs for anomalies or errors related to DSC processing, which might indicate the presence of this issue. Testing graphics-intensive applications after patching is recommended to confirm resolution. Since this vulnerability affects low-level driver code, avoid deploying untrusted or unsigned kernel modules that could exacerbate stability issues. Finally, maintain robust system monitoring and incident response capabilities to detect any unusual behavior potentially linked to graphics subsystem faults.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Denmark, Ireland, Belgium, Italy
CVE-2024-26721: Vulnerability in Linux Linux
Description
In the Linux kernel, the following vulnerability has been resolved: drm/i915/dsc: Fix the macro that calculates DSCC_/DSCA_ PPS reg address Commit bd077259d0a9 ("drm/i915/vdsc: Add function to read any PPS register") defines a new macro to calculate the DSC PPS register addresses with PPS number as an input. This macro correctly calculates the addresses till PPS 11 since the addresses increment by 4. So in that case the following macro works correctly to give correct register address: _MMIO(_DSCA_PPS_0 + (pps) * 4) However after PPS 11, the register address for PPS 12 increments by 12 because of RC Buffer memory allocation in between. Because of this discontinuity in the address space, the macro calculates wrong addresses for PPS 12 - 16 resulting into incorrect DSC PPS parameter value read/writes causing DSC corruption. This fixes it by correcting this macro to add the offset of 12 for PPS >=12. v3: Add correct paranthesis for pps argument (Jani Nikula) (cherry picked from commit 6074be620c31dc2ae11af96a1a5ea95580976fb5)
AI-Powered Analysis
Technical Analysis
CVE-2024-26721 is a vulnerability in the Linux kernel's Direct Rendering Manager (DRM) subsystem, specifically within the Intel i915 graphics driver related to Display Stream Compression (DSC) Picture Parameter Set (PPS) register address calculation. The vulnerability arises from an incorrect macro used to compute the memory-mapped I/O (MMIO) register addresses for DSC PPS registers beyond PPS 11. The original macro assumed a uniform increment of 4 bytes between consecutive PPS registers, which holds true up to PPS 11. However, starting at PPS 12, the register address increments by 12 bytes due to the presence of RC Buffer memory allocation, causing a discontinuity in the address space. This discrepancy leads to incorrect register address calculations for PPS 12 through PPS 16, resulting in erroneous read/write operations on DSC PPS parameters. Consequently, this can cause DSC corruption, potentially affecting the integrity of compressed display data. The patch corrects the macro by adding an offset of 12 bytes for PPS values greater than or equal to 12, ensuring accurate register address computation. The fix also includes proper parenthesis usage for the macro argument to prevent operator precedence issues. This vulnerability is rooted in a low-level hardware driver component, impacting the graphics subsystem's ability to correctly handle compressed video streams, which could degrade display quality or cause instability in graphics rendering. No known exploits are currently reported in the wild, and the vulnerability requires kernel-level access to manifest, limiting its exploitation scope. However, because it affects the Linux kernel's graphics driver, it is relevant for any Linux systems using Intel integrated graphics with DSC support, particularly in environments where high-fidelity video compression and display are critical.
Potential Impact
For European organizations, the impact of CVE-2024-26721 primarily concerns systems running Linux with Intel integrated graphics that utilize DSC technology. This includes a wide range of devices from desktops and laptops to servers with graphical output capabilities. The DSC corruption caused by incorrect register addressing could lead to degraded visual output, display artifacts, or potential instability in graphical applications. In sectors such as media production, broadcasting, digital signage, and any industry relying on high-quality video streaming or visualization, this could disrupt operations or reduce output quality. Additionally, while this vulnerability does not directly expose data confidentiality or enable privilege escalation, corrupted graphics processing could indirectly affect user experience and operational reliability. For organizations deploying Linux-based thin clients or virtual desktop infrastructure (VDI) solutions with Intel graphics, this could impair remote display performance. Given the Linux kernel's widespread use in European government, research, and enterprise environments, unpatched systems might experience reduced system stability or require troubleshooting related to graphics anomalies. However, the lack of known exploits and the requirement for kernel-level access reduce the immediate risk of targeted attacks exploiting this vulnerability.
Mitigation Recommendations
To mitigate CVE-2024-26721, European organizations should prioritize applying the official Linux kernel patches that correct the DSC PPS register address calculation macro. This involves updating to the Linux kernel version that includes commit 6074be620c31dc2ae11af96a1a5ea95580976fb5 or later. System administrators should verify the kernel version and ensure that all affected systems with Intel i915 graphics drivers are updated promptly. For environments where kernel updates are challenging, consider recompiling the i915 driver with the patched macro if feasible. Additionally, organizations should monitor graphics subsystem logs for anomalies or errors related to DSC processing, which might indicate the presence of this issue. Testing graphics-intensive applications after patching is recommended to confirm resolution. Since this vulnerability affects low-level driver code, avoid deploying untrusted or unsigned kernel modules that could exacerbate stability issues. Finally, maintain robust system monitoring and incident response capabilities to detect any unusual behavior potentially linked to graphics subsystem faults.
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Linux
- Date Reserved
- 2024-02-19T14:20:24.162Z
- Cisa Enriched
- true
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 682d982ac4522896dcbe3919
Added to database: 5/21/2025, 9:08:58 AM
Last enriched: 6/29/2025, 5:54:35 PM
Last updated: 7/27/2025, 1:35:34 AM
Views: 9
Related Threats
CVE-2025-8822: Stack-based Buffer Overflow in Linksys RE6250
HighCVE-2025-8821: OS Command Injection in Linksys RE6250
MediumCVE-2025-8817: Stack-based Buffer Overflow in Linksys RE6250
HighCVE-2025-8820: Stack-based Buffer Overflow in Linksys RE6250
HighCVE-2025-8819: Stack-based Buffer Overflow in Linksys RE6250
HighActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.