CVE-2024-50003 in Linux

Summary

by MITRE • 10/21/2024

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Fix system hang while resume with TBT monitor

[Why]
Connected with a Thunderbolt monitor and do the suspend and the system may hang while resume.

The TBT monitor HPD will be triggered during the resume procedure and call the drm_client_modeset_probe() while struct drm_connector connector->dev->master is NULL.

It will mess up the pipe topology after resume.

[How]
Skip the TBT monitor HPD during the resume procedure because we currently will probe the connectors after resume by default.

(cherry picked from commit 453f86a26945207a16b8f66aaed5962dc2b95b85)


Analysis

by VulDB Data Team • 03/22/2026

This vulnerability exists within the Linux kernel's display subsystem, specifically affecting the AMD display driver component known as drm/amd/display. The issue manifests as a system hang during the resume phase from suspend state when a Thunderbolt monitor is connected to the system. The root cause lies in the improper handling of Hot Plug Detection (HPD) signals from Thunderbolt monitors during the system resume process. When the system resumes from suspend, the Thunderbolt monitor's HPD mechanism is triggered, which subsequently calls the drm_client_modeset_probe() function. This function attempts to operate on a drm_connector structure where the device master pointer (connector->dev->master) is NULL, creating a critical state that disrupts the display pipeline topology.

The technical flaw represents a classic race condition and null pointer dereference scenario within the kernel's display management code. During system resume, the normal connector probing sequence is interrupted by the unexpected HPD signal from the Thunderbolt monitor, which occurs before the proper system state initialization is complete. This creates a situation where the drm_client_modeset_probe() function executes with incomplete or invalid context, specifically when the master device reference is null. The vulnerability directly impacts the display subsystem's ability to properly reinitialize the graphics pipeline topology, leading to system hang conditions that prevent normal system operation.

The operational impact of this vulnerability is significant for systems utilizing Thunderbolt displays in suspended states. Users experiencing this issue would encounter complete system lockups during resume operations, requiring forced power cycles to recover. This affects desktop and laptop systems with Thunderbolt video connectivity, particularly in enterprise environments where system reliability is critical. The vulnerability essentially creates a denial of service condition that prevents normal system operation, with the system becoming unresponsive until manual intervention occurs. This type of issue can be particularly problematic in automated or remote management scenarios where unexpected system hangs can lead to extended downtime and service disruption.

The mitigation strategy involves modifying the resume procedure to skip Thunderbolt monitor HPD processing during system resume operations. This approach aligns with the principle of avoiding unnecessary hardware interactions during critical system state transitions. By implementing the fix that cherry-picks from commit 453f86a26945207a16b8f66aaed5962dc2b95b85, the kernel prevents the problematic HPD signal handling during resume while still allowing normal connector probing to occur afterward. This solution follows established security practices for managing system state transitions and prevents the race condition that leads to the null pointer dereference. The fix essentially implements a defensive programming approach that ensures proper system state validation before executing potentially hazardous operations.

This vulnerability demonstrates the importance of proper state management during system transitions and the critical need for robust error handling in kernel-level display drivers. The issue relates to CWE-476 which addresses null pointer dereference conditions, and potentially maps to ATT&CK technique T1490 for system destruction through denial of service attacks.
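The skip-during-resume guard described above, as a simplified user-space C model. This is an added example, not the kernel patch or code from this page; every struct and function name is hypothetical, and the rule that a probe during resume with a NULL master is what corrupts the topology is an assumption taken from the summary.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
/* User-space model only; every name here is hypothetical, not a kernel symbol. */
struct model_dev {
    void *master;      /* stands in for connector->dev->master */
    bool in_resume;    /* true while the resume procedure runs */
    bool topology_ok;  /* cleared once a probe runs in the bad state */
    int probes;        /* probes performed */
    int skipped_hpd;   /* HPD events ignored during resume */
};

/* Stand-in for the modeset probe (assumption: unsafe mid-resume with NULL master). */
static void model_probe(struct model_dev *d)
{
    d->probes++;
    if (d->in_resume && d->master == NULL)
        d->topology_ok = false;
}

/* Before the fix: every HPD event probes immediately. */
static void hpd_unguarded(struct model_dev *d) { model_probe(d); }

/* After the fix: HPD raised during resume is skipped; the default probe runs later. */
static void hpd_guarded(struct model_dev *d)
{
    if (d->in_resume) {
        d->skipped_hpd++;
        return;
    }
    model_probe(d);
}

/* One resume cycle in which the TBT monitor raises HPD part-way through. */
static struct model_dev model_resume(void (*hpd)(struct model_dev *))
{
    struct model_dev d = { NULL, true, true, 0, 0 };
    hpd(&d);              /* HPD fires while resume is still in progress */
    d.in_resume = false;  /* resume procedure finished */
    model_probe(&d);      /* connectors are probed after resume by default */
    return d;
}

int main(void)
{
    struct model_dev a = model_resume(hpd_unguarded), b = model_resume(hpd_guarded);
    printf("unguarded ok=%d, guarded ok=%d skipped=%d\n", a.topology_ok, b.topology_ok, b.skipped_hpd);
    return 0;
}
```

In the model, the guarded handler ends the cycle with a single probe, run after resume has finished, which is the behavior the [How] section relies on.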

Responsible: Linux
Reservation: 10/21/2024
Disclosure: 10/21/2024
Moderation: accepted
CPE: ready
EPSS: 0.00219
KEV: no
Activities: very low

Sources
