CVE-2024-26699

HIGH

Linux Kernel < 6.7.6 - Array Index Out-of-Bounds in dcn35_clkmgr

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix array-index-out-of-bounds in dcn35_clkmgr [Why] There is a potential memory access violation while iterating through array of dcn35 clks. [How] Limit iteration per array size.

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/ca400d8e0c1c9d79c08dfb6b7f966e26c8cae7fb

Patch

https://git.kernel.org/stable/c/46806e59a87790760870d216f54951a5b4d545bc

Scores

CVSS v3 7.8

EPSS 0.0022

EPSS Percentile 12.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-129

Status published

Products (9)

linux/Kernel 6.7.0 - 6.7.6linux

Linux/Linux < 6.7

Linux/Linux 6.7

Linux/Linux 6.7.6 - 6.7.*

Linux/Linux 6.8

Linux/Linux 8774029f76b9806f2f3586bb0502408076767fd5 - 46806e59a87790760870d216f54951a5b4d545bc

Linux/Linux 8774029f76b9806f2f3586bb0502408076767fd5 - ca400d8e0c1c9d79c08dfb6b7f966e26c8cae7fb

linux/linux_kernel 6.8 rc1 (4 CPE variants)

linux/linux_kernel < 6.7.6

Published Apr 03, 2024

Tracked Since Feb 18, 2026