CVE-2024-43899

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Aug 26, 2024
Updated: Aug 27, 2024
CWE ID 476

Summary

CVE-2024-43899 is a vulnerability in the Linux kernel affecting multiple AMD graphics drivers, specifically identified in the dcn20_resource.c file. The flaw can cause a null pointer dereference when using the mpv media player with hardware acceleration and fullscreen playback, potentially leading to system hangs. To remediate this vulnerability, users should apply the relevant patches available from the Linux kernel repositories. The vulnerability has a medium severity rating, with an exploitability score of 1.8, indicating that it requires low privileges and no user interaction for local exploitation. Organizations using affected products may face significant availability impacts due to potential system instability triggered by this issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share