CVE-2024-46871

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX

[Why & How] It actually exposes '6' types in enum dmub_notification_type. Not 5. Using smaller number to create array dmub_callback & dmub_thread_offload has potential to access item out of array bound. Fix it.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < e1896f381d27466c26cb44b4450eae05cd59dfd0affected
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < 9f404b0bc2df3880758fb3c3bc7496f596f347d7affected
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < 800a5ab673c4a61ca220cce177386723d91bdb37affected
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < c592b6355b9b57b8e59fc5978ce1e14f64488a98affected
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < ad28d7c3d989fc5689581664653879d664da76f0affected
LinuxLinux4.15affected
LinuxLinux0 < 4.15unaffected
LinuxLinux5.15.174 <= 5.15.*unaffected
LinuxLinux6.1.109 <= 6.1.*unaffected
LinuxLinux6.6.50 <= 6.6.*unaffected
LinuxLinux6.10.9 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References