Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX

[Why & How]
It actually exposes '6' types in enum dmub_notification_type. Not 5. Using smaller number to create array dmub_callback & dmub_thread_offload has potential to access item out of array bound. Fix it.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian | Debian Linux | 11.0 |
| Linux | Linux Kernel | >= 4.15, < 5.15.174 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/800a5ab673c4a61ca220cce177386723d91bdb37 (Patch)
- https://git.kernel.org/stable/c/9f404b0bc2df3880758fb3c3bc7496f596f347d7 (Patch)
- https://git.kernel.org/stable/c/ad28d7c3d989fc5689581664653879d664da76f0 (Patch)
- https://git.kernel.org/stable/c/c592b6355b9b57b8e59fc5978ce1e14f64488a98 (Patch)
- https://git.kernel.org/stable/c/e1896f381d27466c26cb44b4450eae05cd59dfd0 (Patch)
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html (Mailing List, Third Party Advisory)
FAQ
What is CVE-2024-46871?
CVE-2024-46871 is a vulnerability with a CVSS score of 7.8 (HIGH). In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX [Why & How] It actually exposes '6' types in enum dmub...
How severe is CVE-2024-46871?
CVE-2024-46871 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2024-46871?
Check the references section above for vendor advisories and patch information. Affected products include: Debian Debian Linux, Linux Linux Kernel.