CVE-2024-42228

CVSS 3.1 Score 7.0 of 10 (high)

Details

Published Jul 30, 2024
CWE ID 908

Summary

CVE-2024-42228 is a vulnerability affecting the Linux kernel. In the drm/amdgpu driver, an issue was discovered where the size value was not initialized before being used in the call to amdgpu_vce_cs_reloc. This could potentially lead to unintended behavior or crashes. To mitigate this issue, the size value should be initialized prior to making the call, such as in case 0x03000001. A more effective solution would involve having a separate value set to 0xffffffff to improve handling.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share