Memory Corruption in Linux Kernel Affecting AMD Display Drivers
CVE-2024-56784

7.8HIGH

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 8 January 2025

Summary

A vulnerability in the Linux kernel related to AMD display drivers was identified, where improper array index handling can lead to memory corruption. This issue arises due to out-of-bounds indices, which, if exploited, may allow attackers to manipulate memory contents. The resolution involves implementing array index checks to ensure indices remain within valid bounds, thus preventing potential corruption and enhancing overall system stability. This fix addresses a critical area in the graphics processing framework, underscoring the importance of rigorous code scrutiny in driver development.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 2c437d9a0b496168e1a1defd17b531f0a526dbe9

Linux 6.12.5 <= 6.12.*

References

https://git.kernel.org/stable/c/dff526dc3e27f5484f5ba1147...

https://git.kernel.org/stable/c/2c437d9a0b496168e1a1defd1...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 8, 2025