7.8

CVE-2024-42119

drm/amd/display: Skip finding free audio for unknown engine_id

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Skip finding free audio for unknown engine_id

[WHY]
ENGINE_ID_UNKNOWN = -1 and can not be used as an array index. Plus, it
also means it is uninitialized and does not need free audio.

[HOW]
Skip and return NULL.

This fixes 2 OVERRUN issues reported by Coverity.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.15 < 4.19.318
LinuxLinux Kernel Version >= 4.20 < 5.4.280
LinuxLinux Kernel Version >= 5.5 < 5.10.222
LinuxLinux Kernel Version >= 5.11 < 5.15.163
LinuxLinux Kernel Version >= 5.16 < 6.1.98
LinuxLinux Kernel Version >= 6.2 < 6.6.39
LinuxLinux Kernel Version >= 6.7 < 6.9.9
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.28% 0.196
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/1357b2165d9ad94faa4c4a20d5e2ce29c2ff29c3
Patch
https://git.kernel.org/stable/c/874261358d31fc772f2823604167e670983cc1ca
Patch
https://git.kernel.org/stable/c/881fb6afc0004c5e6392ae2848f825bf051dae14
Patch
https://git.kernel.org/stable/c/95ad20ee3c4efbb91f9a4ab08e070aa3697f5879
Patch
https://git.kernel.org/stable/c/9eb4db08a808e3a3ba59193aeb84a57a6dc4d8c9
Patch
https://git.kernel.org/stable/c/afaaebdee9bb9f26d9e13cc34b33bd0a7bf59488
Patch
https://git.kernel.org/stable/c/eacca028a623f608607d02457122ee5284491e18
Patch
https://git.kernel.org/stable/c/ffa7bd3ca9cfa902b857d1dc9a5f46fededf86c8
Patch
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html