7.8

CVE-2024-46821

drm/amd/pm: Fix negative array index read

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/pm: Fix negative array index read

Avoid using the negative values
for clk_idex as an index into an array pptable->DpmDescriptor.

V2: fix clk_index return check (Tim Huang)
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
DebianDebian Linux Version11.0
LinuxLinux Kernel Version < 5.10.236
LinuxLinux Kernel Version >= 5.11 < 5.15.180
LinuxLinux Kernel Version >= 5.16 < 6.1.109
LinuxLinux Kernel Version >= 6.2 < 6.6.50
LinuxLinux Kernel Version >= 6.7 < 6.10.9
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.26% 0.174
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-129 Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

https://git.kernel.org/stable/c/06a3810010b525b9958424e344f0c25b09e128fa
Patch
https://git.kernel.org/stable/c/4711b1347cb9f0c3083da6d87c624d75f9bd1d50
Patch
https://git.kernel.org/stable/c/60f4a4bc3329e5cb8c4df0cc961f0d5ffd96e22d
Patch
https://git.kernel.org/stable/c/c8c19ebf7c0b202a6a2d37a52ca112432723db5f
Patch
https://git.kernel.org/stable/c/befd1dc693c98bad69a701ede3a298698f0f9436
Patch
https://git.kernel.org/stable/c/e549cd6da1f21c34ba0f65adeca6a8aa9860b381
Patch
https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html
Third Party Advisory
Mailing List
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
Third Party Advisory
Mailing List