CVE-2024-43903

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Aug 26, 2024
Updated: Aug 27, 2024
CWE ID 476

Summary

CVE-2024-43903 addresses a vulnerability in the Linux kernel related to a NULL pointer dereference in the amdgpu_dm_plane_handle_cursor_update function. Affected products include a wide range of AMD GPU drivers, which could potentially be exploited leading to application crashes or denial of service due to the availability impact being rated as high. To remediate this issue, users should apply the latest patches provided by the Linux kernel maintainers, which include a null check for the 'afb' variable to prevent dereferencing when it is null. The vulnerability has a medium severity rating with an exploitability score of 1.8, meaning that low privileges are required for exploitation and no user interaction is necessary. Organizations should prioritize addressing this vulnerability to mitigate risks associated with system downtime and instability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share