7.8
CVE-2024-42120
- EPSS 0.26%
- Veröffentlicht 30.07.2024 08:15:04
- Zuletzt bearbeitet 03.11.2025 22:17:40
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
drm/amd/display: Check pipe offset before setting vblank
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check pipe offset before setting vblank pipe_ctx has a size of MAX_PIPES so checking its index before accessing the array. This fixes an OVERRUN issue reported by Coverity.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.15 < 5.10.222
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.163
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.98
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.39
Linux ≫ Linux Kernel Version >= 6.7 < 6.9.9
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.26% | 0.174 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-129 Improper Validation of Array Index
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.
https://git.kernel.org/stable/c/0b3702f9d43d163fd05e43b7d7e22e766dbef329
https://git.kernel.org/stable/c/5396a70e8cf462ec5ccf2dc8de103c79de9489e6
https://git.kernel.org/stable/c/96bf81cc1bd058bb8af6e755a548e926e934dfd1
https://git.kernel.org/stable/c/b2e9abc95583ac7bbb2c47da4d476a798146dfd6
https://git.kernel.org/stable/c/c5ec2afeeee4c91cebc4eff6d4f1ecf4047259f4
https://git.kernel.org/stable/c/d2c3645a4a5ae5d933b4116c305d9d82b8199dbf
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html