CVE-2024-43903
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2024-43903 addresses a vulnerability in the Linux kernel related to a NULL pointer dereference in the amdgpu_dm_plane_handle_cursor_update function. Affected products include a wide range of AMD GPU drivers, which could potentially be exploited leading to application crashes or denial of service due to the availability impact being rated as high. To remediate this issue, users should apply the latest patches provided by the Linux kernel maintainers, which include a null check for the 'afb' variable to prevent dereferencing when it is null. The vulnerability has a medium severity rating with an exploitability score of 1.8, meaning that low privileges are required for exploitation and no user interaction is necessary. Organizations should prioritize addressing this vulnerability to mitigate risks associated with system downtime and instability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.