CVE-2024-46817

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 [Why] Coverity reports OVERRUN warning. Should abort amdgpu_dm initialize. [How] Return failure to amdgpu_dm_init.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/21bbb39863f10f5fb4bf772d15b07d5d13590e9d	Patch
https://git.kernel.org/stable/c/28b515c458aa9c92bfcb99884c94713a5f471cea	Patch
https://git.kernel.org/stable/c/754321ed63f0a4a31252ca72e0bd89a9e1888018	Patch
https://git.kernel.org/stable/c/84723eb6068c50610c5c0893980d230d7afa2105	Patch
https://git.kernel.org/stable/c/94cb77700fa4ae6200486bfa0ba2ac547534afd2	Patch
https://git.kernel.org/stable/c/d398c74c881dee695f6eb6138c9891644e1c3d9d	Patch
https://git.kernel.org/stable/c/d619b91d3c4af60ac422f1763ce53d721fb91262	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

No history.

Information

Published : 2024-09-27 13:15

Updated : 2024-11-20 17:45

NVD link : CVE-2024-46817

Mitre link : CVE-2024-46817

CVE.ORG link : CVE-2024-46817

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-noinfo

{"id": "CVE-2024-46817", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-09-27T13:15:14.493", "references": [{"url": "https://git.kernel.org/stable/c/21bbb39863f10f5fb4bf772d15b07d5d13590e9d", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/28b515c458aa9c92bfcb99884c94713a5f471cea", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/754321ed63f0a4a31252ca72e0bd89a9e1888018", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/84723eb6068c50610c5c0893980d230d7afa2105", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/94cb77700fa4ae6200486bfa0ba2ac547534afd2", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/d398c74c881dee695f6eb6138c9891644e1c3d9d", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/d619b91d3c4af60ac422f1763ce53d721fb91262", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6\n\n[Why]\nCoverity reports OVERRUN warning. Should abort amdgpu_dm\ninitialize.\n\n[How]\nReturn failure to amdgpu_dm_init."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: Detener la inicializaci\u00f3n de amdgpu_dm cuando el n\u00famero de secuencias es mayor que 6 [Por qu\u00e9] Coverity informa una advertencia de OVERRUN. Deber\u00eda abortar la inicializaci\u00f3n de amdgpu_dm. [C\u00f3mo] Devolver el error a amdgpu_dm_init."}], "lastModified": "2024-11-20T17:45:43.893", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6ACBB349-F6C0-4395-8228-F0758C99886A", "versionEndExcluding": "5.4.284", "versionStartIncluding": "5.4"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99182B6F-D005-4EA0-A29E-EE793EAF5494", "versionEndExcluding": "5.10.226", "versionStartIncluding": "5.10"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "043405A4-25FE-45D4-A7BB-2A0C3B7D17C1", "versionEndExcluding": "5.15.167", "versionStartIncluding": "5.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "790F505A-7933-48F1-B038-380A8BC5C153", "versionEndExcluding": "6.1.109", "versionStartIncluding": "5.16"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A56A0460-B122-44D6-B0E6-26CE9C891536", "versionEndExcluding": "6.6.50", "versionStartIncluding": "6.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4469C96-A86B-4CC3-B2D5-C21B6B72641B", "versionEndExcluding": "6.10.9", "versionStartIncluding": "6.7"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}