7.8
CVE-2024-46813
- EPSS 0.25%
- Veröffentlicht 27.09.2024 13:15:14
- Zuletzt bearbeitet 05.05.2026 15:23:19
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
drm/amd/display: Check link_index before accessing dc->links[]
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check link_index before accessing dc->links[] [WHY & HOW] dc->links[] has max size of MAX_LINKS and NULL is return when trying to access with out-of-bound index. This fixes 3 OVERRUN and 1 RESOURCE_LEAK issues reported by Coverity.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 6.6.87
Linux ≫ Linux Kernel Version >= 6.7 < 6.10.9
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.25% | 0.157 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-129 Improper Validation of Array Index
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.
https://git.kernel.org/stable/c/8aa2864044b9d13e95fe224f32e808afbf79ecdf
https://git.kernel.org/stable/c/ac04759b4a002969cf0f1384f1b8bb2001cfa782
https://git.kernel.org/stable/c/032c5407a608ac3b2a98bf4fbda27d12c20c5887