CVE-2024-46816
Published: September 28, 2024Last modified: September 28, 2024
Description
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links [Why] Coverity report OVERRUN warning. There are only max_links elements within dc->links. link count could up to AMDGPU_DM_MAX_DISPLAY_INDEX 31. [How] Make sure link count less than max_links.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 5.5 |
| Attack Vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | NONE |
| Integrity impact | NONE |
| Availability impact | HIGH |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Vulnerable (6.1.134-r0) |
| Stream | linux-lts | Fixed (6.6.89-r0) |
References
- https://git.kernel.org/stable/c/13080d052c995aee14695a5b740c245121eb2bcc
- https://git.kernel.org/stable/c/36c39a8dcce210649f2f45f252abaa09fcc1ae87
- https://git.kernel.org/stable/c/c84632096722fd31251f0957fafc9e90d9a247fd
- https://git.kernel.org/stable/c/cf8b16857db702ceb8d52f9219a4613363e2b1cf
- https://git.kernel.org/stable/c/e2411b6abf6e5d6c33d0450846673cdf536f0ba4
- https://git.kernel.org/stable/c/e3cd0d8362de47f613bfdf315b3f3a9ab71e66bf