CVE-2022-48979

MEDIUM

Linux Kernel < 6.0.13 - Array Index Out-of-Bounds in DCN32 DML

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix array index out of bound error in DCN32 DML [Why&How] LinkCapacitySupport array is indexed with the number of voltage states and not the number of max DPPs. Fix the error by changing the array declaration to use the correct (larger) array size of total number of voltage states.

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/3d8a298b2e83b98042e6ec726e934f535b23e6aa

Patch

https://git.kernel.org/stable/c/aeffc8fb2174f017a10df114bc312f899904dc68

Scores

CVSS v3 5.5

EPSS 0.0021

EPSS Percentile 10.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-129

Status published

Products (9)

linux/Kernel 4.15.0 - 6.0.13linux

Linux/Linux < 4.15

Linux/Linux 4.15

Linux/Linux 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c - 3d8a298b2e83b98042e6ec726e934f535b23e6aa

Linux/Linux 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c - aeffc8fb2174f017a10df114bc312f899904dc68

Linux/Linux 6.0.13 - 6.0.*

Linux/Linux 6.1

linux/linux_kernel 6.1 rc1 (8 CPE variants)

linux/linux_kernel < 6.0.13

Published Oct 21, 2024

Tracked Since Feb 18, 2026