CVE-2024-46818

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Check gpio_id before used as array index

[WHY & HOW] GPIO_ID_UNKNOWN (-1) is not a valid value for array index and therefore should be checked in advance.

This fixes 5 OVERRUN issues reported by Coverity.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < 8520fdc8ecc38f240a8e9e7af89cca6739c3e790affected
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < 40c2e8bc117cab8bca8814735f28a8b121654a84affected
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < 0184cca30cad74d88f5c875d4e26999e26325700affected
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < 276e3fd93e3beb5894eb1cc8480f9f417d51524daffected
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < 08e7755f754e3d2cef7d3a7da538d33526bd6f7caffected
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < 3d4198ab612ad48f73383ad3bb5663e6f0cdf406affected
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < 2a5626eeb3b5eec7a36886f9556113dd93ec8ed6affected
LinuxLinux4.15affected
LinuxLinux0 < 4.15unaffected
LinuxLinux5.4.284 <= 5.4.*unaffected
LinuxLinux5.10.226 <= 5.10.*unaffected
LinuxLinux5.15.167 <= 5.15.*unaffected
LinuxLinux6.1.109 <= 6.1.*unaffected
LinuxLinux6.6.50 <= 6.6.*unaffected
LinuxLinux6.10.9 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References