CVE-2024-46726

EPSS 0.02%
Published 18.09.2024 07:15:03
Last modified 03.11.2025 23:15:57
Source 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Open
Login

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Ensure index calculation will not overflow

[WHY & HOW]
Make sure vmid0p72_idx, vnom0p8_idx and vmax0p9_idx calculation will
never overflow and exceess array size.

This fixes 3 OVERRUN and 1 INTEGER_OVERFLOW issues reported by Coverity.

Affected products Warnungen 0 Metrics 2 CWE 1 References 8

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 6.1.109

Linux ≫ Linux Kernel Version >= 6.2 < 6.6.50

Linux ≫ Linux Kernel Version >= 6.7 < 6.10.9

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.02%	0.048

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

https://git.kernel.org/stable/c/3dc6bb57dab36b38b7374af0ac916174c146b6ed

Patch

https://git.kernel.org/stable/c/733ae185502d30bbe79575167b6178cfb6c5d6bd

Patch

https://git.kernel.org/stable/c/8e2734bf444767fed787305ccdcb36a2be5301a2

Patch

https://git.kernel.org/stable/c/d705b5869f6b1b46ad5ceb1bd2a08c04f7e5003b

Patch

https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

https://nvd.nist.gov/vuln/detail/CVE-2024-46726

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-46726

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-46726

EUVD