CVE-2024-42120

EPSS 0.01%
Veröffentlicht 30.07.2024 08:15:04
Zuletzt bearbeitet 03.11.2025 22:17:40
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

drm/amd/display: Check pipe offset before setting vblank

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Check pipe offset before setting vblank

pipe_ctx has a size of MAX_PIPES so checking its index before accessing
the array.

This fixes an OVERRUN issue reported by Coverity.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 10

NVD 5 VulnDex Vulnerability Enrichment 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 4.15 < 5.10.222

Linux ≫ Linux Kernel Version >= 5.11 < 5.15.163

Linux ≫ Linux Kernel Version >= 5.16 < 6.1.98

Linux ≫ Linux Kernel Version >= 6.2 < 6.6.39

Linux ≫ Linux Kernel Version >= 6.7 < 6.9.9

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.019

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-129 Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

https://git.kernel.org/stable/c/0b3702f9d43d163fd05e43b7d7e22e766dbef329

Patch

https://git.kernel.org/stable/c/5396a70e8cf462ec5ccf2dc8de103c79de9489e6

Patch

https://git.kernel.org/stable/c/96bf81cc1bd058bb8af6e755a548e926e934dfd1

Patch

https://git.kernel.org/stable/c/b2e9abc95583ac7bbb2c47da4d476a798146dfd6

Patch

https://git.kernel.org/stable/c/c5ec2afeeee4c91cebc4eff6d4f1ecf4047259f4

Patch

https://git.kernel.org/stable/c/d2c3645a4a5ae5d933b4116c305d9d82b8199dbf

Patch