CVE-2024-46727: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-46727 is a vulnerability in the Linux kernel's AMD display driver component, specifically in the drm/amd/display module. The vulnerability was discovered through Coverity static analysis which reported a NULL_RETURN warning. The issue was identified and disclosed on September 18, 2024, affecting Linux kernel versions up to (excluding) 6.10.9 (NVD).

The vulnerability is classified as a NULL Pointer Dereference (CWE-476) with a CVSS v3.1 Base Score of 5.5 (Medium). The issue occurs within the resourcelogpipetopologyupdate function where there was a missing NULL check for the otg_master variable. The vulnerability requires local access and low privileges to exploit (NVD, Kernel Patch).

The vulnerability could lead to a system availability impact if exploited, as indicated by the CVSS metrics showing no confidentiality or integrity impact but high availability impact (A:H). The issue affects systems running the AMD display driver on vulnerable Linux kernel versions (NVD).

The vulnerability has been fixed by adding a NULL check for the otgmaster variable within the resourcelogpipetopology_update function. The fix has been implemented in Linux kernel version 6.10.9 and backported to various stable kernel versions. Users should update their Linux kernel to a patched version (Kernel Patch).