Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2024-46722 |
CWE-ID | CWE-125 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software Subscribe |
Linux kernel Operating systems & Components / Operating system |
Vendor | Linux Foundation |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU97508
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-46722
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the amdgpu_atombios_init_mc_reg_table() function in drivers/gpu/drm/amd/amdgpu/amdgpu_atombios.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsLinux kernel: All versions
CPE2.3http://git.kernel.org/stable/c/5fa4df25ecfc7b6c9006f5b871c46cfe25ea8826
http://git.kernel.org/stable/c/2097edede72ec5bb3869cf0205337d392fb2a553
http://git.kernel.org/stable/c/310b9d8363b88e818afec97ca7652bd7fe3d0650
http://git.kernel.org/stable/c/345bd3ad387f9e121aaad9c95957b80895e2f2ec
http://git.kernel.org/stable/c/b862a0bc5356197ed159fed7b1c647e77bc9f653
http://git.kernel.org/stable/c/d0a43bf367ed640e527e8ef3d53aac1e71f80114
http://git.kernel.org/stable/c/578ae965e8b90cd09edeb0252b50fa0503ea35c5
http://git.kernel.org/stable/c/51dfc0a4d609fe700750a62f41447f01b8c9ea50
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.