CVE-2024-47720: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func This commit adds a null check for the set_output_gamma function pointer in the dcn30_set_output_transfer_func function. Previously, set_output_gamma was being checked for nullity at line 386, but then it was being dereferenced without any nullity check at line 401. This could potentially lead to a null pointer dereference error if set_output_gamma is indeed null. To fix this, we now ensure that set_output_gamma is not null before dereferencing it. We do this by adding a nullity check for set_output_gamma before the call to set_output_gamma at line 401. If set_output_gamma is null, we log an error message and do not call the function. This fix prevents a potential null pointer dereference error. drivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn30/dcn30_hwseq.c:401 dcn30_set_output_transfer_func() error: we previously assumed 'mpc->funcs->set_output_gamma' could be null (see line 386) drivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn30/dcn30_hwseq.c 373 bool dcn30_set_output_transfer_func(struct dc *dc, 374 struct pipe_ctx *pipe_ctx, 375 const struct dc_stream_state *stream) 376 { 377 int mpcc_id = pipe_ctx->plane_res.hubp->inst; 378 struct mpc *mpc = pipe_ctx->stream_res.opp->ctx->dc->res_pool->mpc; 379 const struct pwl_params *params = NULL; 380 bool ret = false; 381 382 /* program OGAM or 3DLUT only for the top pipe*/ 383 if (pipe_ctx->top_pipe == NULL) { 384 /*program rmu shaper and 3dlut in MPC*/ 385 ret = dcn30_set_mpc_shaper_3dlut(pipe_ctx, stream); 386 if (ret == false && mpc->funcs->set_output_gamma) { ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ If this is NULL 387 if (stream->out_transfer_func.type == TF_TYPE_HWPWL) 388 params = &stream->out_transfer_func.pwl; 389 else if (pipe_ctx->stream->out_transfer_func.type == 390 TF_TYPE_DISTRIBUTED_POINTS && 391 cm3_helper_translate_curve_to_hw_format( 392 &stream->out_transfer_func, 393 &mpc->blender_params, false)) 394 params = &mpc->blender_params; 395 /* there are no ROM LUTs in OUTGAM */ 396 if (stream->out_transfer_func.type == TF_TYPE_PREDEFINED) 397 BREAK_TO_DEBUGGER(); 398 } 399 } 400 --> 401 mpc->funcs->set_output_gamma(mpc, mpcc_id, params); ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Then it will crash 402 return ret; 403 }
AI Analysis
Technical Summary
CVE-2024-47720 is a vulnerability identified in the Linux kernel, specifically within the AMD GPU driver component responsible for display management (drm/amd/display). The issue arises in the function dcn30_set_output_transfer_func, where a function pointer named set_output_gamma is dereferenced without a proper null check. Although there is an initial check for nullity at line 386, the code later calls set_output_gamma at line 401 without verifying if it is still non-null. If set_output_gamma is null, this leads to a null pointer dereference, causing a kernel crash (denial of service). This vulnerability is a classic example of improper pointer validation that can lead to system instability. The fix involves adding a null check before the function pointer is dereferenced and logging an error if it is null, preventing the crash. The affected code is part of the AMD GPU display driver stack, which is used in Linux systems running AMD graphics hardware. The vulnerability does not appear to allow privilege escalation or arbitrary code execution directly but can cause a denial of service by crashing the kernel when the null pointer is dereferenced. The vulnerability affects specific Linux kernel versions identified by the commit hash d99f13878d6f9c286b13860d8bf0b4db9ffb189a. There are no known exploits in the wild at the time of publication, and no CVSS score has been assigned yet.
Potential Impact
For European organizations, the primary impact of CVE-2024-47720 is the potential for denial of service (DoS) on Linux systems utilizing AMD GPUs with the affected driver versions. This could disrupt critical services, especially in environments relying on Linux servers or workstations with AMD graphics hardware for graphical processing tasks, such as scientific computing, media production, or virtual desktop infrastructure. The kernel crash caused by the null pointer dereference could lead to system downtime, data loss if unsaved work is present, and operational interruptions. While this vulnerability does not directly compromise confidentiality or integrity, the availability impact can be significant in production environments. Organizations with high availability requirements or those operating critical infrastructure should be particularly cautious. Additionally, the vulnerability could be exploited by local users or processes with the ability to trigger the affected function, potentially including unprivileged users if the driver is accessible. This raises concerns for multi-tenant environments or shared systems. However, remote exploitation is unlikely without local access. The lack of known exploits reduces immediate risk but does not eliminate the need for prompt remediation.
Mitigation Recommendations
To mitigate CVE-2024-47720, European organizations should: 1) Apply the latest Linux kernel updates that include the patch fixing the null pointer dereference in the AMD GPU driver. This is the most effective mitigation. 2) Audit and inventory Linux systems to identify those running affected kernel versions with AMD GPU hardware. 3) In environments where immediate patching is not feasible, consider disabling or unloading the AMD GPU driver module if GPU functionality is not critical, to prevent triggering the vulnerable code path. 4) Implement monitoring to detect kernel crashes or system reboots that may indicate exploitation attempts or triggering of the vulnerability. 5) Restrict local user permissions to minimize the ability of unprivileged users to invoke GPU driver functions, reducing the attack surface. 6) For virtualized or containerized environments, ensure that GPU passthrough or access is tightly controlled and monitored. 7) Engage with Linux distribution vendors and AMD for timely updates and advisories. 8) Incorporate this vulnerability into incident response and vulnerability management workflows to ensure rapid detection and remediation.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Poland, Italy, Spain, Belgium
CVE-2024-47720: Vulnerability in Linux Linux
Description
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func This commit adds a null check for the set_output_gamma function pointer in the dcn30_set_output_transfer_func function. Previously, set_output_gamma was being checked for nullity at line 386, but then it was being dereferenced without any nullity check at line 401. This could potentially lead to a null pointer dereference error if set_output_gamma is indeed null. To fix this, we now ensure that set_output_gamma is not null before dereferencing it. We do this by adding a nullity check for set_output_gamma before the call to set_output_gamma at line 401. If set_output_gamma is null, we log an error message and do not call the function. This fix prevents a potential null pointer dereference error. drivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn30/dcn30_hwseq.c:401 dcn30_set_output_transfer_func() error: we previously assumed 'mpc->funcs->set_output_gamma' could be null (see line 386) drivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn30/dcn30_hwseq.c 373 bool dcn30_set_output_transfer_func(struct dc *dc, 374 struct pipe_ctx *pipe_ctx, 375 const struct dc_stream_state *stream) 376 { 377 int mpcc_id = pipe_ctx->plane_res.hubp->inst; 378 struct mpc *mpc = pipe_ctx->stream_res.opp->ctx->dc->res_pool->mpc; 379 const struct pwl_params *params = NULL; 380 bool ret = false; 381 382 /* program OGAM or 3DLUT only for the top pipe*/ 383 if (pipe_ctx->top_pipe == NULL) { 384 /*program rmu shaper and 3dlut in MPC*/ 385 ret = dcn30_set_mpc_shaper_3dlut(pipe_ctx, stream); 386 if (ret == false && mpc->funcs->set_output_gamma) { ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ If this is NULL 387 if (stream->out_transfer_func.type == TF_TYPE_HWPWL) 388 params = &stream->out_transfer_func.pwl; 389 else if (pipe_ctx->stream->out_transfer_func.type == 390 TF_TYPE_DISTRIBUTED_POINTS && 391 cm3_helper_translate_curve_to_hw_format( 392 &stream->out_transfer_func, 393 &mpc->blender_params, false)) 394 params = &mpc->blender_params; 395 /* there are no ROM LUTs in OUTGAM */ 396 if (stream->out_transfer_func.type == TF_TYPE_PREDEFINED) 397 BREAK_TO_DEBUGGER(); 398 } 399 } 400 --> 401 mpc->funcs->set_output_gamma(mpc, mpcc_id, params); ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Then it will crash 402 return ret; 403 }
AI-Powered Analysis
Technical Analysis
CVE-2024-47720 is a vulnerability identified in the Linux kernel, specifically within the AMD GPU driver component responsible for display management (drm/amd/display). The issue arises in the function dcn30_set_output_transfer_func, where a function pointer named set_output_gamma is dereferenced without a proper null check. Although there is an initial check for nullity at line 386, the code later calls set_output_gamma at line 401 without verifying if it is still non-null. If set_output_gamma is null, this leads to a null pointer dereference, causing a kernel crash (denial of service). This vulnerability is a classic example of improper pointer validation that can lead to system instability. The fix involves adding a null check before the function pointer is dereferenced and logging an error if it is null, preventing the crash. The affected code is part of the AMD GPU display driver stack, which is used in Linux systems running AMD graphics hardware. The vulnerability does not appear to allow privilege escalation or arbitrary code execution directly but can cause a denial of service by crashing the kernel when the null pointer is dereferenced. The vulnerability affects specific Linux kernel versions identified by the commit hash d99f13878d6f9c286b13860d8bf0b4db9ffb189a. There are no known exploits in the wild at the time of publication, and no CVSS score has been assigned yet.
Potential Impact
For European organizations, the primary impact of CVE-2024-47720 is the potential for denial of service (DoS) on Linux systems utilizing AMD GPUs with the affected driver versions. This could disrupt critical services, especially in environments relying on Linux servers or workstations with AMD graphics hardware for graphical processing tasks, such as scientific computing, media production, or virtual desktop infrastructure. The kernel crash caused by the null pointer dereference could lead to system downtime, data loss if unsaved work is present, and operational interruptions. While this vulnerability does not directly compromise confidentiality or integrity, the availability impact can be significant in production environments. Organizations with high availability requirements or those operating critical infrastructure should be particularly cautious. Additionally, the vulnerability could be exploited by local users or processes with the ability to trigger the affected function, potentially including unprivileged users if the driver is accessible. This raises concerns for multi-tenant environments or shared systems. However, remote exploitation is unlikely without local access. The lack of known exploits reduces immediate risk but does not eliminate the need for prompt remediation.
Mitigation Recommendations
To mitigate CVE-2024-47720, European organizations should: 1) Apply the latest Linux kernel updates that include the patch fixing the null pointer dereference in the AMD GPU driver. This is the most effective mitigation. 2) Audit and inventory Linux systems to identify those running affected kernel versions with AMD GPU hardware. 3) In environments where immediate patching is not feasible, consider disabling or unloading the AMD GPU driver module if GPU functionality is not critical, to prevent triggering the vulnerable code path. 4) Implement monitoring to detect kernel crashes or system reboots that may indicate exploitation attempts or triggering of the vulnerability. 5) Restrict local user permissions to minimize the ability of unprivileged users to invoke GPU driver functions, reducing the attack surface. 6) For virtualized or containerized environments, ensure that GPU passthrough or access is tightly controlled and monitored. 7) Engage with Linux distribution vendors and AMD for timely updates and advisories. 8) Incorporate this vulnerability into incident response and vulnerability management workflows to ensure rapid detection and remediation.
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Linux
- Date Reserved
- 2024-09-30T16:00:12.950Z
- Cisa Enriched
- true
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 682d9825c4522896dcbe05b4
Added to database: 5/21/2025, 9:08:53 AM
Last enriched: 6/28/2025, 7:56:39 PM
Last updated: 7/31/2025, 7:43:10 PM
Views: 11
Related Threats
CVE-2025-8533: CWE-863 Incorrect Authorization in Flexibits Fantastical
MediumCVE-2025-35970: Use of weak credentials in SEIKO EPSON Multiple EPSON product
HighCVE-2025-29866: CWE-73: External Control of File Name or Path in TAGFREE X-Free Uploader
HighCVE-2025-32094: CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') in Akamai AkamaiGhost
MediumCVE-2025-8583: Inappropriate implementation in Google Chrome
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.