CVE-2024-27042
HIGHLinux Kernel - Memory Corruption
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential out-of-bounds access in 'amdgpu_discovery_reg_base_init()' The issue arises when the array 'adev->vcn.vcn_config' is accessed before checking if the index 'adev->vcn.num_vcn_inst' is within the bounds of the array. The fix involves moving the bounds check before the array access. This ensures that 'adev->vcn.num_vcn_inst' is within the bounds of the array before it is used as an index. Fixes the below: drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c:1289 amdgpu_discovery_reg_base_init() error: testing array offset 'adev->vcn.num_vcn_inst' after use.
References (4)
Scores
CVSS v3
7.8
EPSS
0.0001
EPSS Percentile
1.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Classification
CWE
CWE-129
Status
published
Affected Products (4)
linux/linux_kernel
< 6.6.23
linux/Kernel
< 6.6.23linux
linux/Kernel
< 6.7.11linux
linux/Kernel
< 6.8.2linux
Timeline
Published
May 01, 2024
Tracked Since
Feb 18, 2026