CVE-2024-43901

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Aug 26, 2024
Updated: Aug 27, 2024
CWE ID 476

Summary

CVE-2024-43901 is a vulnerability in the Linux kernel affecting various AMD graphics driver products, specifically related to a NULL pointer dereference that occurs when executing the command cat /sys/kernel/debug/dri/0/amdgpu_dm_dtn_log. This issue can lead to crashes due to a supervisor instruction fetch error, which may compromise system availability. The vulnerability has a medium severity rating with an exploitability score of 1.8, and it requires low privileges for exploitation without user interaction. To remediate this vulnerability, users should apply patches available from the Linux kernel repository as referenced in the relevant security updates. Organizations utilizing affected products risk potential downtime and service disruptions if this vulnerability is not addressed promptly.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share