
CVE-2024-43901: Vulnerability in Linux Linux

Severity: Medium
Published: Mon Aug 26 2024 (08/26/2024, 10:11:00 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Fix NULL pointer dereference for DTN log in DCN401

When users run the command:

    cat /sys/kernel/debug/dri/0/amdgpu_dm_dtn_log

The following NULL pointer dereference happens:

    [ +0.000003] BUG: kernel NULL pointer dereference, address: NULL
    [ +0.000005] #PF: supervisor instruction fetch in kernel mode
    [ +0.000002] #PF: error_code(0x0010) - not-present page
    [ +0.000002] PGD 0 P4D 0
    [ +0.000004] Oops: 0010 [#1] PREEMPT SMP NOPTI
    [ +0.000003] RIP: 0010:0x0
    [ +0.000008] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
    [...]
    [ +0.000002] PKRU: 55555554
    [ +0.000002] Call Trace:
    [ +0.000002] <TASK>
    [ +0.000003] ? show_regs+0x65/0x70
    [ +0.000006] ? __die+0x24/0x70
    [ +0.000004] ? page_fault_oops+0x160/0x470
    [ +0.000006] ? do_user_addr_fault+0x2b5/0x690
    [ +0.000003] ? prb_read_valid+0x1c/0x30
    [ +0.000005] ? exc_page_fault+0x8c/0x1a0
    [ +0.000005] ? asm_exc_page_fault+0x27/0x30
    [ +0.000012] dcn10_log_color_state+0xf9/0x510 [amdgpu]
    [ +0.000306] ? srso_alias_return_thunk+0x5/0xfbef5
    [ +0.000003] ? vsnprintf+0x2fb/0x600
    [ +0.000009] dcn10_log_hw_state+0xfd0/0xfe0 [amdgpu]
    [ +0.000218] ? __mod_memcg_lruvec_state+0xe8/0x170
    [ +0.000008] ? srso_alias_return_thunk+0x5/0xfbef5
    [ +0.000002] ? debug_smp_processor_id+0x17/0x20
    [ +0.000003] ? srso_alias_return_thunk+0x5/0xfbef5
    [ +0.000002] ? srso_alias_return_thunk+0x5/0xfbef5
    [ +0.000002] ? set_ptes.isra.0+0x2b/0x90
    [ +0.000004] ? srso_alias_return_thunk+0x5/0xfbef5
    [ +0.000002] ? _raw_spin_unlock+0x19/0x40
    [ +0.000004] ? srso_alias_return_thunk+0x5/0xfbef5
    [ +0.000002] ? do_anonymous_page+0x337/0x700
    [ +0.000004] dtn_log_read+0x82/0x120 [amdgpu]
    [ +0.000207] full_proxy_read+0x66/0x90
    [ +0.000007] vfs_read+0xb0/0x340
    [ +0.000005] ? __count_memcg_events+0x79/0xe0
    [ +0.000002] ? srso_alias_return_thunk+0x5/0xfbef5
    [ +0.000003] ? count_memcg_events.constprop.0+0x1e/0x40
    [ +0.000003] ? handle_mm_fault+0xb2/0x370
    [ +0.000003] ksys_read+0x6b/0xf0
    [ +0.000004] __x64_sys_read+0x19/0x20
    [ +0.000003] do_syscall_64+0x60/0x130
    [ +0.000004] entry_SYSCALL_64_after_hwframe+0x6e/0x76
    [ +0.000003] RIP: 0033:0x7fdf32f147e2
    [...]

This error happens when the color log tries to read the gamut remap information from DCN401 which is not initialized in the dcn401_dpp_funcs which leads to a null pointer dereference. This commit addresses this issue by adding a proper guard to access the gamut_remap callback in case the specific ASIC did not implement this function.

AI-Powered Analysis

Last updated: 06/28/2025, 22:39:36 UTC

Technical Analysis

CVE-2024-43901 is a vulnerability identified in the Linux kernel specifically within the AMD GPU Direct Rendering Manager (DRM) driver subsystem, targeting the display component (drm/amd/display). The flaw arises from a NULL pointer dereference triggered when users attempt to read the DTN (Display Technology Node) log via the debug filesystem path /sys/kernel/debug/dri/0/amdgpu_dm_dtn_log.

The root cause is that the color log functionality tries to access gamut remap information from the DCN401 ASIC (a specific AMD display engine version) which is not properly initialized in the dcn401_dpp_funcs structure. This leads to a NULL pointer dereference because the gamut_remap callback function pointer is missing or unimplemented for this ASIC variant. When the kernel attempts to execute this callback, it dereferences a NULL pointer, causing a kernel oops and system crash. The kernel logs show a page fault in kernel mode with a call trace pointing to the amdgpu driver functions responsible for logging hardware state and color state. The issue is addressed by adding a guard condition to check if the gamut_remap callback is implemented before invoking it, preventing the NULL pointer dereference.

This vulnerability is triggered by a local user running a read command on a debug file, which is typically accessible only to privileged users or those with debugfs access. There are no known exploits in the wild at this time, and no CVSS score has been assigned yet. The vulnerability affects Linux kernel versions containing the specified commit hashes prior to the patch. The flaw impacts system stability by causing kernel crashes, potentially leading to denial of service (DoS) conditions. It does not appear to allow privilege escalation or code execution directly but can disrupt availability of the system or GPU functionality.

Potential Impact

For European organizations, the primary impact of CVE-2024-43901 is on system availability and stability, particularly for those using Linux systems with AMD GPUs that include the DCN401 display engine. This includes servers, workstations, and embedded systems running vulnerable Linux kernel versions. Organizations relying on AMD GPU hardware for graphics-intensive workloads, visualization, or compute tasks may experience unexpected kernel panics and system reboots if the vulnerability is triggered. While exploitation requires local access and the ability to read debugfs files, insider threats or compromised user accounts could leverage this to cause denial of service. This could disrupt critical operations in sectors such as finance, manufacturing, research, and public services that use Linux-based infrastructure with AMD GPUs. Additionally, the vulnerability could affect cloud providers or data centers hosting Linux virtual machines with passthrough AMD GPUs, impacting service availability. Since the flaw is in a kernel driver, it may also affect containerized environments or virtualized workloads using AMD GPU acceleration. The lack of remote exploitability limits the threat scope, but the impact on availability and potential operational disruption is significant for affected systems.

Mitigation Recommendations

1. Apply the official Linux kernel patch that adds the guard to prevent NULL pointer dereference in the amdgpu driver as soon as it is available and integrated into your distribution's kernel updates.
2. Restrict access to debugfs, especially the /sys/kernel/debug/dri/0/amdgpu_dm_dtn_log file, to trusted and privileged users only, minimizing the risk of local exploitation.
3. Monitor kernel logs for signs of NULL pointer dereference or kernel oops related to amdgpu and drm subsystems to detect attempted exploitation or instability.
4. For critical systems, consider disabling debugfs or mounting it with restricted permissions if debug functionality is not required.
5. In environments using AMD GPUs with DCN401 ASICs, validate kernel versions and hardware compatibility to ensure patched versions are deployed.
6. Employ system integrity monitoring and endpoint detection tools to identify anomalous local user behavior that could trigger this vulnerability.
7. Coordinate with Linux distribution vendors and AMD for timely updates and advisories related to this vulnerability.
8. For cloud or virtualized environments, ensure hypervisor and guest kernel versions are updated to mitigate this issue in GPU passthrough scenarios.
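
For the log monitoring in recommendation 3, the oops quoted in the description has a recognisable shape: an instruction-fetch fault with a kernel-mode RIP of 0x0 (a call through a NULL function pointer) and the amdgpu frames dtn_log_read, dcn10_log_hw_state and dcn10_log_color_state among the reliable call-trace entries. The Python sketch below is an added example, not code from the kernel project or from this advisory; it assumes dmesg-style input, its function and field names are hypothetical, and the sample log is a constructed, shortened copy of the trace above.

```python
import re

# Constructed sample: shortened copy of the oops in the description.
# Assumes dmesg-style lines; function and field names are illustrative.
SAMPLE_LOG = """\
[ +0.000003] BUG: kernel NULL pointer dereference, address: NULL
[ +0.000005] #PF: supervisor instruction fetch in kernel mode
[ +0.000003] RIP: 0010:0x0
[ +0.000002] Call Trace:
[ +0.000002]  <TASK>
[ +0.000003]  ? show_regs+0x65/0x70
[ +0.000005]  ? asm_exc_page_fault+0x27/0x30
[ +0.000012]  dcn10_log_color_state+0xf9/0x510 [amdgpu]
[ +0.000009]  dcn10_log_hw_state+0xfd0/0xfe0 [amdgpu]
[ +0.000004]  dtn_log_read+0x82/0x120 [amdgpu]
[ +0.000207]  full_proxy_read+0x66/0x90
[ +0.000007]  vfs_read+0xb0/0x340
[ +0.000004]  entry_SYSCALL_64_after_hwframe+0x6e/0x76
[ +0.000003] RIP: 0033:0x7fdf32f147e2
"""

STAMP = re.compile(r"^\[\s*\+?[\d.]+\]\s*")
FRAME = re.compile(r"^(\?\s+)?([\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+(?:\s+\[(\w+)\])?$")
# Frames the page's trace shows between the debugfs read and the fault.
SIGNATURE = ("dtn_log_read", "dcn10_log_hw_state", "dcn10_log_color_state")

def find_dtn_log_oops(text):
    """Return one finding per NULL-dereference oops in a kernel log."""
    findings, cur = [], None
    for raw in text.splitlines():
        line = STAMP.sub("", raw).strip()
        if line.startswith("BUG: kernel NULL pointer dereference"):
            cur = {"fetch": False, "rip_null": False, "frames": []}
            findings.append(cur)
        elif cur is None:
            continue
        elif line == "</TASK>" or line.startswith("RIP: 0033:"):
            cur = None                   # end of this oops' call trace
        elif "instruction fetch" in line:
            cur["fetch"] = True          # CPU faulted fetching code, not data
        elif line == "RIP: 0010:0x0":
            cur["rip_null"] = True       # kernel-mode RIP of 0: NULL function pointer
        elif (m := FRAME.match(line)) and not m.group(1):
            cur["frames"].append((m.group(2), m.group(3)))  # "?" frames are unreliable
    for f in findings:
        names = [n for n, mod in f["frames"] if mod == "amdgpu"]
        f["null_call"] = f["fetch"] and f["rip_null"]
        f["matches_cve"] = f["null_call"] and all(s in names for s in SIGNATURE)
    return findings
```

A finding with matches_cve set is a strong indication that the DTN log was read on an unpatched kernel; null_call alone flags the broader class of NULL function-pointer calls and is worth triaging on its own.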


Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2024-08-17T09:11:59.292Z
CISA Enriched: true
CVSS Version: null
State: PUBLISHED

Threat ID: 682d9826c4522896dcbe0c28

Added to database: 5/21/2025, 9:08:54 AM

Last enriched: 6/28/2025, 10:39:36 PM

Last updated: 7/29/2025, 10:34:02 PM
