Login Sign Up

CVE-2024-35799

5.5 MEDIUM
Denial of Service

📋 TL;DR

A NULL pointer dereference vulnerability in the AMD display driver component of the Linux kernel can cause a kernel crash when disabling a display stream. This affects Linux systems with AMD graphics hardware using the affected kernel versions.

💻 Affected Systems

Products:
  • Linux kernel with AMD display driver (drm/amd/display)
Versions: Kernel versions containing the vulnerable code (specific versions not provided in CVE, but patches available in stable kernel trees)
Operating Systems: Linux distributions with affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires AMD graphics hardware and the affected display driver component to be loaded.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to system crash and denial of service, potentially causing data loss or system instability.

🟠

Likely Case

System crash or instability when display operations are performed, particularly with multiple displays or display mode changes.

🟢

If Mitigated

Minor system instability that may require reboot if triggered during display operations.

🌐 Internet-Facing: LOW - This is a local kernel vulnerability requiring local access to trigger.
🏢 Internal Only: MEDIUM - Local users or processes with appropriate privileges could crash the system.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW - Simple trigger condition but requires appropriate privileges.

Exploitation requires ability to perform display operations, typically requiring local access and appropriate permissions.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patches available in stable kernel trees (commits referenced in CVE)

Vendor Advisory: https://git.kernel.org/stable/c/2b17133a0a2e0e111803124dad09e803718d4a48

Restart Required: Yes

Instructions:

1. Update to a patched kernel version from your distribution's repositories. 2. Reboot the system to load the new kernel.

🔧 Temporary Workarounds

Disable AMD display driver

linux

Prevent loading of the vulnerable AMD display driver module

echo 'blacklist amdgpu' >> /etc/modprobe.d/blacklist.conf
update-initramfs -u
reboot

🧯 If You Can't Patch

  • Restrict local user access to systems with AMD graphics
  • Monitor for system crashes and investigate display-related kernel panics

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if AMD display driver is loaded: 'uname -r' and 'lsmod | grep amdgpu'

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated and check dmesg for display-related errors after patch

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages in dmesg or /var/log/kern.log
  • Display driver crash logs
  • System crash reports

Network Indicators:

  • None - local vulnerability

SIEM Query:

source="kernel" AND ("panic" OR "Oops" OR "NULL pointer dereference") AND "display"

📊 Metadata

CVE ID: CVE-2024-35799
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-400
Published: May 17, 2024
Last Updated: September 19, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-35799, you might also want to check these:

CVE-2024-45166 9.8

UCI IDOL2 through version 2.12 contains multiple memory corruption vulnerabilities due to improper i...

Same vulnerability type (CWE-400)
CVE-2025-61303 9.8

This vulnerability in Hatching Triage Sandbox allows malware samples to evade detection by recursive...

Same vulnerability type (CWE-400)
CVE-2024-39462 9.8

This is a Linux kernel memory corruption vulnerability in the BCM2711 DVP clock driver where array b...

Same vulnerability type (CWE-400)