CVE-2024-46804
Published: September 28, 2024Last modified: September 28, 2024
Description
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add array index check for hdcp ddc access [Why] Coverity reports OVERRUN warning. Do not check if array index valid. [How] Check msg_id valid and valid array index.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 7.8 |
| Attack Vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity impact | HIGH |
| Availability impact | HIGH |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Fixed (6.1.110-r0) |
| Stream | linux-lts | Fixed (6.6.58-r0) |
References
- https://git.kernel.org/stable/c/0ee4387c5a4b57ec733c3fb4365188d5979cd9c7
- https://git.kernel.org/stable/c/2a63c90c7a90ab2bd23deebc2814fc5b52abf6d2
- https://git.kernel.org/stable/c/4e70c0f5251c25885c31ee84a31f99a01f7cf50e
- https://git.kernel.org/stable/c/8b5ccf3d011969417be653b5a145c72dbd30472c
- https://git.kernel.org/stable/c/a3b5ee22a9d3a30045191da5678ca8451ebaea30
- https://git.kernel.org/stable/c/f338f99f6a04d03c802087d82a83561cbd5bdc99