CVE-2024-41061

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Fix array-index-out-of-bounds in dml2/FCLKChangeSupport

[Why] Potential out of bounds access in dml2_calculate_rq_and_dlg_params() because the value of out_lowest_state_idx used as an index for FCLKChangeSupport array can be greater than 1.

[How] Currently dml2 core specifies identical values for all FCLKChangeSupport elements. Always use index 0 in the condition to avoid out of bounds access.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux7966f319c66d9468623c6a6a017ecbc0dd79be75 < 94166fe12543fbef122ca2d093e794ea41073a85affected
LinuxLinux7966f319c66d9468623c6a6a017ecbc0dd79be75 < 0ad4b4a2f6357c45fbe444ead1a929a0b4017d03affected
LinuxLinux6.7affected
LinuxLinux0 < 6.7unaffected
LinuxLinux6.9.11 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References