CVE-2024-46723

HIGH

Linux Kernel < 4.19.322, 4.20.0-6.10.9 - Out-of-bounds Read in AMD GPU Microcode Handler

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix ucode out-of-bounds read warning Clear warning that read ucode[] may out-of-bounds.

References (10)

Core 10

Core References

Mailing List

https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html

Mailing List

https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Patch

https://git.kernel.org/stable/c/82ac8f1d02886b5d8aeb9e058989d3bd6fc581e2

Patch

https://git.kernel.org/stable/c/e789e05388854a5436b2b5d8695fdb864c9bcc27

Patch

https://git.kernel.org/stable/c/5f09fa5e0ad45fbca71933a0e024ca52da47d59b

Patch

https://git.kernel.org/stable/c/0bef65e069d84d1cd77ce757aea0e437b8e2bd33

Patch

https://git.kernel.org/stable/c/8981927ebc6c12fa76b30c4178acb462bab15f54

Patch

https://git.kernel.org/stable/c/f2b7a9f3839e92f43559b2795b34640ca8cf839f

Patch

https://git.kernel.org/stable/c/23fefef859c6057e6770584242bdd938254f8ddd

Patch

https://git.kernel.org/stable/c/8944acd0f9db33e17f387fdc75d33bb473d7936f

Scores

CVSS v3 7.1

EPSS 0.0025

EPSS Percentile 16.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-125

Status published

Products (26)

linux/Kernel 4.2.0 - 4.19.322linux

linux/Kernel 4.20.0 - 5.4.284linux

linux/Kernel 5.11.0 - 5.15.167linux

linux/Kernel 5.16.0 - 6.1.109linux

linux/Kernel 5.5.0 - 5.10.226linux

linux/Kernel 6.2.0 - 6.6.50linux

linux/Kernel 6.7.0 - 6.10.9linux

Linux/Linux < 4.2

Linux/Linux 4.19.322 - 4.19.*

Linux/Linux 4.2

... and 16 more

Published Sep 18, 2024

Tracked Since Feb 18, 2026