7.8
CVE-2024-42119
- EPSS 0.28%
- Veröffentlicht 30.07.2024 08:15:04
- Zuletzt bearbeitet 03.11.2025 22:17:40
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
drm/amd/display: Skip finding free audio for unknown engine_id
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip finding free audio for unknown engine_id [WHY] ENGINE_ID_UNKNOWN = -1 and can not be used as an array index. Plus, it also means it is uninitialized and does not need free audio. [HOW] Skip and return NULL. This fixes 2 OVERRUN issues reported by Coverity.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.15 < 4.19.318
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.280
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.222
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.163
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.98
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.39
Linux ≫ Linux Kernel Version >= 6.7 < 6.9.9
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.28% | 0.196 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
https://git.kernel.org/stable/c/1357b2165d9ad94faa4c4a20d5e2ce29c2ff29c3
https://git.kernel.org/stable/c/874261358d31fc772f2823604167e670983cc1ca
https://git.kernel.org/stable/c/881fb6afc0004c5e6392ae2848f825bf051dae14
https://git.kernel.org/stable/c/95ad20ee3c4efbb91f9a4ab08e070aa3697f5879
https://git.kernel.org/stable/c/9eb4db08a808e3a3ba59193aeb84a57a6dc4d8c9
https://git.kernel.org/stable/c/afaaebdee9bb9f26d9e13cc34b33bd0a7bf59488
https://git.kernel.org/stable/c/eacca028a623f608607d02457122ee5284491e18
https://git.kernel.org/stable/c/ffa7bd3ca9cfa902b857d1dc9a5f46fededf86c8
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html