CVE-2024-35799 is a vulnerability identified in the Linux kernel specifically within the Direct Rendering Manager (DRM) subsystem for AMD display components. The issue arises when the kernel attempts to disable a stream encoder, a process involved in managing display output streams. The vulnerability is caused by the invocation of a function that no longer exists or is not properly declared, leading to a null pointer dereference or similar fault. This results in a kernel crash, causing a denial of service (DoS) condition. The root cause is the lack of a check for a NULL function pointer before calling the disable stream encoder function. The fix involves adding a verification step to ensure the function pointer is valid before invocation, preventing the crash. The vulnerability is classified under CWE-400, which relates to uncontrolled resource consumption or denial of service. The CVSS v3.1 base score is 6.2 (medium severity), reflecting that the attack vector is local (AV:L), requires low attack complexity (AC:L), no privileges (PR:N), no user interaction (UI:N), and impacts availability only (A:H) without affecting confidentiality or integrity. There are no known exploits in the wild at the time of publication. The affected Linux kernel versions are identified by specific commit hashes, indicating that this is a recent and targeted fix in the kernel source code.

For European organizations, the primary impact of this vulnerability is the potential for denial of service on systems running affected Linux kernel versions with AMD DRM components. This could disrupt critical services, especially in environments relying on Linux servers or workstations with AMD graphics hardware for display output, such as media production, scientific visualization, or certain industrial control systems. While the vulnerability does not compromise data confidentiality or integrity, the availability impact could lead to operational downtime, loss of productivity, and potential cascading effects in tightly coupled IT environments. Organizations with high availability requirements or those using Linux-based infrastructure in critical roles should be particularly cautious. Since exploitation requires local access and no privileges, the threat is somewhat mitigated but still relevant in multi-user or shared environments where untrusted users might trigger the crash. The absence of known exploits reduces immediate risk but does not eliminate the need for timely patching.

European organizations should apply the Linux kernel patch that addresses CVE-2024-35799 as soon as it becomes available in their distribution's updates. Specifically, ensure that the Linux kernel version in use includes the fix that adds the NULL check before disabling the stream encoder in the AMD DRM driver. For environments where immediate patching is not feasible, consider restricting local access to trusted users only and monitoring system logs for unexpected kernel crashes related to display management. Additionally, organizations should review their AMD graphics driver usage and consider fallback or alternative configurations if possible. Implementing robust system monitoring and alerting for kernel panics or crashes can help detect exploitation attempts early. Finally, maintain up-to-date inventories of hardware and kernel versions to prioritize patching efforts effectively.