CVE-2024-42120

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Check pipe offset before setting vblank

pipe_ctx has a size of MAX_PIPES so checking its index before accessing the array.

This fixes an OVERRUN issue reported by Coverity.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < b2e9abc95583ac7bbb2c47da4d476a798146dfd6affected
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < 0b3702f9d43d163fd05e43b7d7e22e766dbef329affected
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < d2c3645a4a5ae5d933b4116c305d9d82b8199dbfaffected
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < 96bf81cc1bd058bb8af6e755a548e926e934dfd1affected
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < c5ec2afeeee4c91cebc4eff6d4f1ecf4047259f4affected
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < 5396a70e8cf462ec5ccf2dc8de103c79de9489e6affected
LinuxLinux4.15affected
LinuxLinux0 < 4.15unaffected
LinuxLinux5.10.222 <= 5.10.*unaffected
LinuxLinux5.15.163 <= 5.15.*unaffected
LinuxLinux6.1.98 <= 6.1.*unaffected
LinuxLinux6.6.39 <= 6.6.*unaffected
LinuxLinux6.9.9 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References