Products
Linux kernel
linux_kernel
- *
Source
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Tags
CVE-2024-42228 details
Published : July 30, 2024, 8:15 a.m.
Last Modified : July 30, 2024, 8:12 p.m.
Last Modified : July 30, 2024, 8:12 p.m.
Description
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc Initialize the size before calling amdgpu_vce_cs_reloc, such as case 0x03000001. V2: To really improve the handling we would actually need to have a separate value of 0xffffffff.(Christian)
CVSS Score
| 1 | 2 | 3 | 4 | 5 | 6 | 7.0 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|---|---|
| CWE-908 | Use of Uninitialized Resource | The product uses or accesses a resource that has not been initialized. |
CVSS Data
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
7.0
Exploitability Score
1.0
Impact Score
5.9
Base Severity
HIGH
Vector String : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
References
| URL | Source |
|---|---|
| https://git.kernel.org/stable/c/855ae72c20310e5402b2317fc537d911e87537ef | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
| https://git.kernel.org/stable/c/88a9a467c548d0b3c7761b4fd54a68e70f9c0944 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
| https://git.kernel.org/stable/c/f8f120b3de48b8b6bdf8988a9b334c2d61c17440 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
CPEs
| Type | Vendor | Product | Version | Update | Edition | Language | Software Edition | Target Software | Target Hardware | Other Information |
|---|---|---|---|---|---|---|---|---|---|---|
| o | linux | linux_kernel | / | / | / | / | / | / | / | / |
| o | linux | linux_kernel | / | / | / | / | / | / | / | / |
This website uses the NVD API, but is not approved or certified by it.