CVE-2024-46804
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
27/09/2024
Last modified:
03/11/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
drm/amd/display: Add array index check for hdcp ddc access<br />
<br />
[Why]<br />
Coverity reports OVERRUN warning. Do not check if array<br />
index valid.<br />
<br />
[How]<br />
Check msg_id valid and valid array index.
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.10.226 (excluding) | |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.167 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.109 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.50 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.10.9 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/0ee4387c5a4b57ec733c3fb4365188d5979cd9c7
- https://git.kernel.org/stable/c/2a63c90c7a90ab2bd23deebc2814fc5b52abf6d2
- https://git.kernel.org/stable/c/4e70c0f5251c25885c31ee84a31f99a01f7cf50e
- https://git.kernel.org/stable/c/8b5ccf3d011969417be653b5a145c72dbd30472c
- https://git.kernel.org/stable/c/a3b5ee22a9d3a30045191da5678ca8451ebaea30
- https://git.kernel.org/stable/c/f338f99f6a04d03c802087d82a83561cbd5bdc99
- https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html