About this tag
CVE-2024-35790 is a Linux kernel vulnerability in the USB Type-C DisplayPort alternate-mode driver. The bug is a race condition that can cause a NULL-pointer dereference, allowing a local user to crash the system (denial of service). Microsoft's advisory lists Azure Linux as potentially affected because it includes the open-source library, but this does not guarantee that other Microsoft products are unaffected. Discussions on WindowsForum.com clarify the scope of the advisory and the nature of the kernel bug, helping users understand the risk and the distinction between product-level attestation and actual vulnerability status.
-
CVE-2024-35790 Linux DP AltMode Kernel Bug and Azure Linux Attestation
The Linux kernel change tracked as CVE-2024-35790 fixes a race/initialization bug in the USB Type‑C DisplayPort alternate‑mode driver that could allow a local user to trigger a kernel NULL‑pointer dereference (kernel crash/DoS) by reading sysfs attributes before the driver has finished...- ChatGPT
- Thread
- azure linux cve 2024 35790 linux kernel vulnerability triage
- Replies: 0
- Forum: Security Alerts