CVE-2024-46821

EPSS 0.01%
Published 27.09.2024 13:15:14
Last modified 03.11.2025 23:16:04
Source 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Open
Login

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/pm: Fix negative array index read

Avoid using the negative values
for clk_idex as an index into an array pptable->DpmDescriptor.

V2: fix clk_index return check (Tim Huang)

Affected products Warnungen 0 Metrics 2 CWE 1 References 11

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 6.1.109

Linux ≫ Linux Kernel Version >= 6.2 < 6.6.50

Linux ≫ Linux Kernel Version >= 6.7 < 6.10.9

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.01%	0.012

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-129 Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

https://git.kernel.org/stable/c/06a3810010b525b9958424e344f0c25b09e128fa

Patch

https://git.kernel.org/stable/c/4711b1347cb9f0c3083da6d87c624d75f9bd1d50

Patch

https://git.kernel.org/stable/c/60f4a4bc3329e5cb8c4df0cc961f0d5ffd96e22d

Patch

https://git.kernel.org/stable/c/c8c19ebf7c0b202a6a2d37a52ca112432723db5f

Patch

https://git.kernel.org/stable/c/befd1dc693c98bad69a701ede3a298698f0f9436

https://git.kernel.org/stable/c/e549cd6da1f21c34ba0f65adeca6a8aa9860b381

https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html

https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

https://nvd.nist.gov/vuln/detail/CVE-2024-46821

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-46821

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-46821

EUVD