CVE-2024-46871

drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX [Why & How] It actually exposes '6' types in enum dmub_notification_type. Not 5. Using smaller number to create array dmub_callback & dmub_thread_offload has potential to access item out of array bound. Fix it.

Category

7.8
CVSS
Severity: High
CVSS 3.1 •
EPSS 0.03%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/e1896f381d27466c26cb44b4450eae05cd59dfd0
https://git.kernel.org/stable/c/9f404b0bc2df3880758fb3c3bc7496f596f347d7 patch
https://git.kernel.org/stable/c/800a5ab673c4a61ca220cce177386723d91bdb37 patch
https://git.kernel.org/stable/c/c592b6355b9b57b8e59fc5978ce1e14f64488a98 patch
https://git.kernel.org/stable/c/ad28d7c3d989fc5689581664653879d664da76f0 patch

Frequently Asked Questions

What is the severity of CVE-2024-46871?
CVE-2024-46871 has been scored as a high severity vulnerability.
How to fix CVE-2024-46871?
To fix CVE-2024-46871, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-46871 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-46871 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-46871?
CVE-2024-46871 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.