Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-dpxa-rmkj-5ke8
Vulnerability ID VCID-dpxa-rmkj-5ke8
Aliases CVE-2024-26661
Summary In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In "u32 otg_inst = pipe_ctx->stream_res.tg->inst;" pipe_ctx->stream_res.tg could be NULL, it is relying on the caller to ensure the tg is not NULL.
Status Published
Exploitability 0.5
Weighted Severity 4.4
Risk 2.2
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-476 NULL Pointer Dereference
System Score Found at
cvssv3 4.4 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26661.json
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2024-26661
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2024-26661
cvssv3.1 5.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 5.5 https://git.kernel.org/stable/c/39f24c08363af1cd945abad84e3c87fd3e3c845a
ssvc Track https://git.kernel.org/stable/c/39f24c08363af1cd945abad84e3c87fd3e3c845a
cvssv3.1 5.5 https://git.kernel.org/stable/c/3f3c237a706580326d3b7a1b97697e5031ca4667
ssvc Track https://git.kernel.org/stable/c/3f3c237a706580326d3b7a1b97697e5031ca4667
cvssv3.1 5.5 https://git.kernel.org/stable/c/66951d98d9bf45ba25acf37fe0747253fafdf298
ssvc Track https://git.kernel.org/stable/c/66951d98d9bf45ba25acf37fe0747253fafdf298
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26661.json
https://api.first.org/data/v1/epss?cve=CVE-2024-26661
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26661
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2272784 https://bugzilla.redhat.com/show_bug.cgi?id=2272784
39f24c08363af1cd945abad84e3c87fd3e3c845a https://git.kernel.org/stable/c/39f24c08363af1cd945abad84e3c87fd3e3c845a
3f3c237a706580326d3b7a1b97697e5031ca4667 https://git.kernel.org/stable/c/3f3c237a706580326d3b7a1b97697e5031ca4667
66951d98d9bf45ba25acf37fe0747253fafdf298 https://git.kernel.org/stable/c/66951d98d9bf45ba25acf37fe0747253fafdf298
RHSA-2024:9315 https://access.redhat.com/errata/RHSA-2024:9315
USN-6895-1 https://usn.ubuntu.com/6895-1/
USN-6895-2 https://usn.ubuntu.com/6895-2/
USN-6895-3 https://usn.ubuntu.com/6895-3/
USN-6895-4 https://usn.ubuntu.com/6895-4/
USN-6900-1 https://usn.ubuntu.com/6900-1/
USN-7100-1 https://usn.ubuntu.com/7100-1/
USN-7100-2 https://usn.ubuntu.com/7100-2/
USN-7123-1 https://usn.ubuntu.com/7123-1/
USN-7144-1 https://usn.ubuntu.com/7144-1/
USN-7194-1 https://usn.ubuntu.com/7194-1/
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26661.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://git.kernel.org/stable/c/39f24c08363af1cd945abad84e3c87fd3e3c845a
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-02T17:47:14Z/ Found at https://git.kernel.org/stable/c/39f24c08363af1cd945abad84e3c87fd3e3c845a
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://git.kernel.org/stable/c/3f3c237a706580326d3b7a1b97697e5031ca4667
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-02T17:47:14Z/ Found at https://git.kernel.org/stable/c/3f3c237a706580326d3b7a1b97697e5031ca4667
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://git.kernel.org/stable/c/66951d98d9bf45ba25acf37fe0747253fafdf298
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-02T17:47:14Z/ Found at https://git.kernel.org/stable/c/66951d98d9bf45ba25acf37fe0747253fafdf298
Exploit Prediction Scoring System (EPSS)
Percentile 0.00979
EPSS Score 9e-05
Published At June 6, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-04T16:49:48.524308+00:00 Debian Importer Import https://security-tracker.debian.org/tracker/data/json 38.6.0