CVE-2024-46821 — HIGH (7.8)

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix negative array index read Avoid using the negative values for clk_idex as an index into an array pptable->DpmDescriptor. V2: fix clk_index return check (Tim Huang)

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Debian	Debian Linux	11.0
Linux	Linux Kernel	< 5.10.236

Related Weaknesses (CWE)

CWE-129

References

https://git.kernel.org/stable/c/06a3810010b525b9958424e344f0c25b09e128faPatch
https://git.kernel.org/stable/c/4711b1347cb9f0c3083da6d87c624d75f9bd1d50Patch
https://git.kernel.org/stable/c/60f4a4bc3329e5cb8c4df0cc961f0d5ffd96e22dPatch
https://git.kernel.org/stable/c/befd1dc693c98bad69a701ede3a298698f0f9436Patch
https://git.kernel.org/stable/c/c8c19ebf7c0b202a6a2d37a52ca112432723db5fPatch
https://git.kernel.org/stable/c/e549cd6da1f21c34ba0f65adeca6a8aa9860b381Patch
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.htmlMailing ListThird Party Advisory
https://lists.debian.org/debian-lts-announce/2025/05/msg00030.htmlMailing ListThird Party Advisory

FAQ

What is CVE-2024-46821?

CVE-2024-46821 is a vulnerability with a CVSS score of 7.8 (HIGH). In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix negative array index read Avoid using the negative values for clk_idex as an index into an array pptable->DpmDescr...

How severe is CVE-2024-46821?

CVE-2024-46821 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-46821?

Check the references section above for vendor advisories and patch information. Affected products include: Debian Debian Linux, Linux Linux Kernel.