CVE-2024-26941: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved: drm/dp: Fix divide-by-zero regression on DP MST unplug with nouveau Fix a regression when using nouveau and unplugging a StarTech MSTDP122DP DisplayPort 1.2 MST hub (the same regression does not appear when using a Cable Matters DisplayPort 1.4 MST hub). Trace: divide error: 0000 [#1] PREEMPT SMP PTI CPU: 7 PID: 2962 Comm: Xorg Not tainted 6.8.0-rc3+ #744 Hardware name: Razer Blade/DANA_MB, BIOS 01.01 08/31/2018 RIP: 0010:drm_dp_bw_overhead+0xb4/0x110 [drm_display_helper] Code: c6 b8 01 00 00 00 75 61 01 c6 41 0f af f3 41 0f af f1 c1 e1 04 48 63 c7 31 d2 89 ff 48 8b 5d f8 c9 48 0f af f1 48 8d 44 06 ff <48> f7 f7 31 d2 31 c9 31 f6 31 ff 45 31 c0 45 31 c9 45 31 d2 45 31 RSP: 0018:ffffb2c5c211fa30 EFLAGS: 00010206 RAX: ffffffffffffffff RBX: 0000000000000000 RCX: 0000000000f59b00 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 RBP: ffffb2c5c211fa48 R08: 0000000000000001 R09: 0000000000000020 R10: 0000000000000004 R11: 0000000000000000 R12: 0000000000023b4a R13: ffff91d37d165800 R14: ffff91d36fac6d80 R15: ffff91d34a764010 FS: 00007f4a1ca3fa80(0000) GS:ffff91d6edbc0000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000559491d49000 CR3: 000000011d180002 CR4: 00000000003706f0 Call Trace: <TASK> ? show_regs+0x6d/0x80 ? die+0x37/0xa0 ? do_trap+0xd4/0xf0 ? do_error_trap+0x71/0xb0 ? drm_dp_bw_overhead+0xb4/0x110 [drm_display_helper] ? exc_divide_error+0x3a/0x70 ? drm_dp_bw_overhead+0xb4/0x110 [drm_display_helper] ? asm_exc_divide_error+0x1b/0x20 ? drm_dp_bw_overhead+0xb4/0x110 [drm_display_helper] ? drm_dp_calc_pbn_mode+0x2e/0x70 [drm_display_helper] nv50_msto_atomic_check+0xda/0x120 [nouveau] drm_atomic_helper_check_modeset+0xa87/0xdf0 [drm_kms_helper] drm_atomic_helper_check+0x19/0xa0 [drm_kms_helper] nv50_disp_atomic_check+0x13f/0x2f0 [nouveau] drm_atomic_check_only+0x668/0xb20 [drm] ? drm_connector_list_iter_next+0x86/0xc0 [drm] drm_atomic_commit+0x58/0xd0 [drm] ? __pfx___drm_printfn_info+0x10/0x10 [drm] drm_atomic_connector_commit_dpms+0xd7/0x100 [drm] drm_mode_obj_set_property_ioctl+0x1c5/0x450 [drm] ? __pfx_drm_connector_property_set_ioctl+0x10/0x10 [drm] drm_connector_property_set_ioctl+0x3b/0x60 [drm] drm_ioctl_kernel+0xb9/0x120 [drm] drm_ioctl+0x2d0/0x550 [drm] ? __pfx_drm_connector_property_set_ioctl+0x10/0x10 [drm] nouveau_drm_ioctl+0x61/0xc0 [nouveau] __x64_sys_ioctl+0xa0/0xf0 do_syscall_64+0x76/0x140 ? do_syscall_64+0x85/0x140 ? do_syscall_64+0x85/0x140 entry_SYSCALL_64_after_hwframe+0x6e/0x76 RIP: 0033:0x7f4a1cd1a94f Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <41> 89 c0 3d 00 f0 ff ff 77 1f 48 8b 44 24 18 64 48 2b 04 25 28 00 RSP: 002b:00007ffd2f1df520 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00007ffd2f1df5b0 RCX: 00007f4a1cd1a94f RDX: 00007ffd2f1df5b0 RSI: 00000000c01064ab RDI: 000000000000000f RBP: 00000000c01064ab R08: 000056347932deb8 R09: 000056347a7d99c0 R10: 0000000000000000 R11: 0000000000000246 R12: 000056347938a220 R13: 000000000000000f R14: 0000563479d9f3f0 R15: 0000000000000000 </TASK> Modules linked in: rfcomm xt_conntrack nft_chain_nat xt_MASQUERADE nf_nat nf_conntrack_netlink nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 xfrm_user xfrm_algo xt_addrtype nft_compat nf_tables nfnetlink br_netfilter bridge stp llc ccm cmac algif_hash overlay algif_skcipher af_alg bnep binfmt_misc snd_sof_pci_intel_cnl snd_sof_intel_hda_common snd_soc_hdac_hda snd_sof_pci snd_sof_xtensa_dsp snd_sof_intel_hda snd_sof snd_sof_utils snd_soc_acpi_intel_match snd_soc_acpi snd_soc_core snd_compress snd_sof_intel_hda_mlink snd_hda_ext_core iwlmvm intel_rapl_msr intel_rapl_common intel_tcc_cooling x86_pkg_temp_thermal intel_powerclamp mac80211 coretemp kvm_intel snd_hda_codec_hdmi kvm snd_hda_ ---truncated---
AI Analysis
Technical Summary
CVE-2024-26941 is a vulnerability identified in the Linux kernel's Direct Rendering Manager (DRM) subsystem, specifically within the DisplayPort (DP) Multi-Stream Transport (MST) handling code when used with the nouveau open-source NVIDIA driver. The issue is a divide-by-zero error that occurs during the unplugging of a StarTech MSTDP122DP DisplayPort 1.2 MST hub. This regression was introduced in kernel version 6.8.0-rc3+ and manifests as a kernel panic or crash due to an unhandled divide error in the drm_dp_bw_overhead function within drm_display_helper. The vulnerability arises because the code does not properly handle the bandwidth overhead calculation when the MST hub is disconnected, leading to a division by zero. The problem is specific to the nouveau driver and the StarTech MST hub; it does not occur with other MST hubs such as the Cable Matters DisplayPort 1.4 MST hub. The kernel crash trace shows that the error propagates through various DRM atomic check and commit functions, ultimately causing the Xorg server to fail. This vulnerability affects Linux kernel versions containing the regression and impacts systems using the nouveau driver with the affected MST hub hardware. There is no indication that this vulnerability allows privilege escalation or remote code execution; rather, it causes a denial of service (DoS) by crashing the kernel or display server. No known exploits are reported in the wild, and no CVSS score has been assigned yet. The issue has been resolved in a subsequent kernel update by adding proper checks to prevent the divide-by-zero condition.
Potential Impact
For European organizations, the primary impact of CVE-2024-26941 is a potential denial of service on Linux systems using the nouveau driver in conjunction with the StarTech MSTDP122DP DisplayPort 1.2 MST hub. This could lead to unexpected system crashes or display server failures, disrupting user productivity and potentially causing downtime in environments relying on multi-monitor setups with MST hubs. Organizations with Linux workstations or servers that utilize this specific hardware combination may experience instability, which could affect operational continuity, especially in sectors where Linux desktops or graphical workstations are common (e.g., software development, engineering, media production). Since the vulnerability does not appear to allow privilege escalation or remote exploitation, the risk of data breach or system compromise is low. However, the DoS impact could be significant in critical environments if the affected hardware is widely deployed. The lack of known exploits reduces immediate risk, but unpatched systems remain vulnerable to accidental crashes or targeted DoS attempts by local users or automated scripts.
Mitigation Recommendations
To mitigate this vulnerability, European organizations should: 1) Identify Linux systems using the nouveau driver with StarTech MSTDP122DP DisplayPort 1.2 MST hubs. This can be done through hardware inventory and driver usage audits. 2) Apply the latest Linux kernel updates that include the fix for CVE-2024-26941 as soon as they become available, preferably from trusted distribution vendors or official kernel releases. 3) If immediate patching is not possible, consider temporarily avoiding the use of the affected MST hub hardware or switching to alternative MST hubs known not to trigger the issue, such as the Cable Matters DisplayPort 1.4 MST hub. 4) Monitor system logs for divide-by-zero or drm-related errors to detect potential crashes early. 5) Educate local users about the issue to prevent inadvertent unplugging of the MST hub during critical operations. 6) For environments where graphical stability is critical, consider using proprietary NVIDIA drivers instead of nouveau if compatible, as the issue is specific to the nouveau driver. 7) Maintain regular backups and system snapshots to recover quickly from any crashes caused by this vulnerability.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Denmark, Belgium, Italy, Spain
CVE-2024-26941: Vulnerability in Linux Linux
Description
In the Linux kernel, the following vulnerability has been resolved: drm/dp: Fix divide-by-zero regression on DP MST unplug with nouveau Fix a regression when using nouveau and unplugging a StarTech MSTDP122DP DisplayPort 1.2 MST hub (the same regression does not appear when using a Cable Matters DisplayPort 1.4 MST hub). Trace: divide error: 0000 [#1] PREEMPT SMP PTI CPU: 7 PID: 2962 Comm: Xorg Not tainted 6.8.0-rc3+ #744 Hardware name: Razer Blade/DANA_MB, BIOS 01.01 08/31/2018 RIP: 0010:drm_dp_bw_overhead+0xb4/0x110 [drm_display_helper] Code: c6 b8 01 00 00 00 75 61 01 c6 41 0f af f3 41 0f af f1 c1 e1 04 48 63 c7 31 d2 89 ff 48 8b 5d f8 c9 48 0f af f1 48 8d 44 06 ff <48> f7 f7 31 d2 31 c9 31 f6 31 ff 45 31 c0 45 31 c9 45 31 d2 45 31 RSP: 0018:ffffb2c5c211fa30 EFLAGS: 00010206 RAX: ffffffffffffffff RBX: 0000000000000000 RCX: 0000000000f59b00 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 RBP: ffffb2c5c211fa48 R08: 0000000000000001 R09: 0000000000000020 R10: 0000000000000004 R11: 0000000000000000 R12: 0000000000023b4a R13: ffff91d37d165800 R14: ffff91d36fac6d80 R15: ffff91d34a764010 FS: 00007f4a1ca3fa80(0000) GS:ffff91d6edbc0000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000559491d49000 CR3: 000000011d180002 CR4: 00000000003706f0 Call Trace: <TASK> ? show_regs+0x6d/0x80 ? die+0x37/0xa0 ? do_trap+0xd4/0xf0 ? do_error_trap+0x71/0xb0 ? drm_dp_bw_overhead+0xb4/0x110 [drm_display_helper] ? exc_divide_error+0x3a/0x70 ? drm_dp_bw_overhead+0xb4/0x110 [drm_display_helper] ? asm_exc_divide_error+0x1b/0x20 ? drm_dp_bw_overhead+0xb4/0x110 [drm_display_helper] ? drm_dp_calc_pbn_mode+0x2e/0x70 [drm_display_helper] nv50_msto_atomic_check+0xda/0x120 [nouveau] drm_atomic_helper_check_modeset+0xa87/0xdf0 [drm_kms_helper] drm_atomic_helper_check+0x19/0xa0 [drm_kms_helper] nv50_disp_atomic_check+0x13f/0x2f0 [nouveau] drm_atomic_check_only+0x668/0xb20 [drm] ? drm_connector_list_iter_next+0x86/0xc0 [drm] drm_atomic_commit+0x58/0xd0 [drm] ? __pfx___drm_printfn_info+0x10/0x10 [drm] drm_atomic_connector_commit_dpms+0xd7/0x100 [drm] drm_mode_obj_set_property_ioctl+0x1c5/0x450 [drm] ? __pfx_drm_connector_property_set_ioctl+0x10/0x10 [drm] drm_connector_property_set_ioctl+0x3b/0x60 [drm] drm_ioctl_kernel+0xb9/0x120 [drm] drm_ioctl+0x2d0/0x550 [drm] ? __pfx_drm_connector_property_set_ioctl+0x10/0x10 [drm] nouveau_drm_ioctl+0x61/0xc0 [nouveau] __x64_sys_ioctl+0xa0/0xf0 do_syscall_64+0x76/0x140 ? do_syscall_64+0x85/0x140 ? do_syscall_64+0x85/0x140 entry_SYSCALL_64_after_hwframe+0x6e/0x76 RIP: 0033:0x7f4a1cd1a94f Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <41> 89 c0 3d 00 f0 ff ff 77 1f 48 8b 44 24 18 64 48 2b 04 25 28 00 RSP: 002b:00007ffd2f1df520 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00007ffd2f1df5b0 RCX: 00007f4a1cd1a94f RDX: 00007ffd2f1df5b0 RSI: 00000000c01064ab RDI: 000000000000000f RBP: 00000000c01064ab R08: 000056347932deb8 R09: 000056347a7d99c0 R10: 0000000000000000 R11: 0000000000000246 R12: 000056347938a220 R13: 000000000000000f R14: 0000563479d9f3f0 R15: 0000000000000000 </TASK> Modules linked in: rfcomm xt_conntrack nft_chain_nat xt_MASQUERADE nf_nat nf_conntrack_netlink nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 xfrm_user xfrm_algo xt_addrtype nft_compat nf_tables nfnetlink br_netfilter bridge stp llc ccm cmac algif_hash overlay algif_skcipher af_alg bnep binfmt_misc snd_sof_pci_intel_cnl snd_sof_intel_hda_common snd_soc_hdac_hda snd_sof_pci snd_sof_xtensa_dsp snd_sof_intel_hda snd_sof snd_sof_utils snd_soc_acpi_intel_match snd_soc_acpi snd_soc_core snd_compress snd_sof_intel_hda_mlink snd_hda_ext_core iwlmvm intel_rapl_msr intel_rapl_common intel_tcc_cooling x86_pkg_temp_thermal intel_powerclamp mac80211 coretemp kvm_intel snd_hda_codec_hdmi kvm snd_hda_ ---truncated---
AI-Powered Analysis
Technical Analysis
CVE-2024-26941 is a vulnerability identified in the Linux kernel's Direct Rendering Manager (DRM) subsystem, specifically within the DisplayPort (DP) Multi-Stream Transport (MST) handling code when used with the nouveau open-source NVIDIA driver. The issue is a divide-by-zero error that occurs during the unplugging of a StarTech MSTDP122DP DisplayPort 1.2 MST hub. This regression was introduced in kernel version 6.8.0-rc3+ and manifests as a kernel panic or crash due to an unhandled divide error in the drm_dp_bw_overhead function within drm_display_helper. The vulnerability arises because the code does not properly handle the bandwidth overhead calculation when the MST hub is disconnected, leading to a division by zero. The problem is specific to the nouveau driver and the StarTech MST hub; it does not occur with other MST hubs such as the Cable Matters DisplayPort 1.4 MST hub. The kernel crash trace shows that the error propagates through various DRM atomic check and commit functions, ultimately causing the Xorg server to fail. This vulnerability affects Linux kernel versions containing the regression and impacts systems using the nouveau driver with the affected MST hub hardware. There is no indication that this vulnerability allows privilege escalation or remote code execution; rather, it causes a denial of service (DoS) by crashing the kernel or display server. No known exploits are reported in the wild, and no CVSS score has been assigned yet. The issue has been resolved in a subsequent kernel update by adding proper checks to prevent the divide-by-zero condition.
Potential Impact
For European organizations, the primary impact of CVE-2024-26941 is a potential denial of service on Linux systems using the nouveau driver in conjunction with the StarTech MSTDP122DP DisplayPort 1.2 MST hub. This could lead to unexpected system crashes or display server failures, disrupting user productivity and potentially causing downtime in environments relying on multi-monitor setups with MST hubs. Organizations with Linux workstations or servers that utilize this specific hardware combination may experience instability, which could affect operational continuity, especially in sectors where Linux desktops or graphical workstations are common (e.g., software development, engineering, media production). Since the vulnerability does not appear to allow privilege escalation or remote exploitation, the risk of data breach or system compromise is low. However, the DoS impact could be significant in critical environments if the affected hardware is widely deployed. The lack of known exploits reduces immediate risk, but unpatched systems remain vulnerable to accidental crashes or targeted DoS attempts by local users or automated scripts.
Mitigation Recommendations
To mitigate this vulnerability, European organizations should: 1) Identify Linux systems using the nouveau driver with StarTech MSTDP122DP DisplayPort 1.2 MST hubs. This can be done through hardware inventory and driver usage audits. 2) Apply the latest Linux kernel updates that include the fix for CVE-2024-26941 as soon as they become available, preferably from trusted distribution vendors or official kernel releases. 3) If immediate patching is not possible, consider temporarily avoiding the use of the affected MST hub hardware or switching to alternative MST hubs known not to trigger the issue, such as the Cable Matters DisplayPort 1.4 MST hub. 4) Monitor system logs for divide-by-zero or drm-related errors to detect potential crashes early. 5) Educate local users about the issue to prevent inadvertent unplugging of the MST hub during critical operations. 6) For environments where graphical stability is critical, consider using proprietary NVIDIA drivers instead of nouveau if compatible, as the issue is specific to the nouveau driver. 7) Maintain regular backups and system snapshots to recover quickly from any crashes caused by this vulnerability.
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Linux
- Date Reserved
- 2024-02-19T14:20:24.197Z
- Cisa Enriched
- true
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 682d9829c4522896dcbe2ecc
Added to database: 5/21/2025, 9:08:57 AM
Last enriched: 6/29/2025, 1:26:12 PM
Last updated: 7/29/2025, 7:57:30 AM
Views: 16
Related Threats
CVE-2025-8974: Hard-coded Credentials in linlinjava litemall
MediumCVE-2025-8973: SQL Injection in SourceCodester Cashier Queuing System
MediumCVE-2025-21110: CWE-250: Execution with Unnecessary Privileges in Dell Data Lakehouse
MediumCVE-2025-8972: SQL Injection in itsourcecode Online Tour and Travel Management System
MediumCVE-2025-51986: n/a
HighActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.