CVE-2024-46871

EPSS 0.04%
Veröffentlicht 09.10.2024 14:15:07
Zuletzt bearbeitet 03.11.2025 23:16:11
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX

[Why & How]
It actually exposes '6' types in enum dmub_notification_type. Not 5. Using smaller
number to create array dmub_callback & dmub_thread_offload has potential to access
item out of array bound. Fix it.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 6.1.109

Linux ≫ Linux Kernel Version >= 6.2 < 6.6.50

Linux ≫ Linux Kernel Version >= 6.7 < 6.10.9

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.107

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-129 Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

https://git.kernel.org/stable/c/800a5ab673c4a61ca220cce177386723d91bdb37

Patch

https://git.kernel.org/stable/c/9f404b0bc2df3880758fb3c3bc7496f596f347d7

Patch

https://git.kernel.org/stable/c/ad28d7c3d989fc5689581664653879d664da76f0

Patch

https://git.kernel.org/stable/c/c592b6355b9b57b8e59fc5978ce1e14f64488a98

Patch

https://git.kernel.org/stable/c/e1896f381d27466c26cb44b4450eae05cd59dfd0

https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

https://nvd.nist.gov/vuln/detail/CVE-2024-46871

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-46871

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-46871

EUVD