CVE-2024-46816

drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links [Why] Coverity report OVERRUN warning. There are only max_links elements within dc->links. link count could up to AMDGPU_DM_MAX_DISPLAY_INDEX 31. [How] Make sure link count less than max_links.

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.07%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/e2411b6abf6e5d6c33d0450846673cdf536f0ba4
https://git.kernel.org/stable/c/e3cd0d8362de47f613bfdf315b3f3a9ab71e66bf
https://git.kernel.org/stable/c/13080d052c995aee14695a5b740c245121eb2bcc
https://git.kernel.org/stable/c/c84632096722fd31251f0957fafc9e90d9a247fd
https://git.kernel.org/stable/c/36c39a8dcce210649f2f45f252abaa09fcc1ae87 patch
https://git.kernel.org/stable/c/cf8b16857db702ceb8d52f9219a4613363e2b1cf patch

Frequently Asked Questions

What is the severity of CVE-2024-46816?
CVE-2024-46816 has been scored as a medium severity vulnerability.
How to fix CVE-2024-46816?
To fix CVE-2024-46816, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-46816 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-46816 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-46816?
CVE-2024-46816 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.