CVE-2024-39471: drm/amdgpu: add error handle to avoid out-of-bounds
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: add error handle to avoid out-of-bounds
if the sdmav40irqidtoseq return -EINVAL, the process should be stop to avoid out-of-bounds read, so directly return -EINVAL.
Other sources
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: add error handle to avoid out-of-bounds
The Linux kernel CVE team has assigned CVE-2024-39471 to this issue.
Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024062501-CVE-2024-39471-3dee@gregkh/T
— Red Hat
Linux Kernel is vulnerable to a denial of service, caused by an out-of-bounds read in sdmav40.c. A local authenticated attacker could exploit this vulnerability to cause a denial of service.
— IBM
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of CVE-2024-39471?
CVE-2024-39471 is classified as a medium severity vulnerability in the Linux kernel.
How do I fix CVE-2024-39471?
To fix CVE-2024-39471, update the Linux kernel to at least version 5.4.278, 5.10.219, 5.15.161, 6.1.94, 6.6.34, 6.9.5, or 6.10.
Which Linux kernel versions are affected by CVE-2024-39471?
CVE-2024-39471 affects Linux kernel versions prior to 5.4.278, 5.10.219, 5.15.161, 6.1.94, 6.6.34, 6.9.5, and 6.10.
Is CVE-2024-39471 specific to any Linux distribution?
Yes, CVE-2024-39471 has been identified in the Linux kernel packages from Red Hat and Debian.
What type of vulnerability is CVE-2024-39471?
CVE-2024-39471 is an out-of-bounds read vulnerability in the Linux kernel's drm/amdgpu driver.