CVE-2024-43908

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Aug 26, 2024
Updated: Aug 27, 2024
CWE ID 476

Summary

CVE-2024-43908 is a vulnerability in the Linux kernel that involves a null pointer dereference related to the ras_manager component of the DRM (Direct Rendering Manager) for AMD GPUs. Affected products include various models such as Qtrc2o, ohMfk4, and many others within the Qtrd and ohMfk series. The risk associated with this vulnerability is considered medium, with a base score of 5.5, indicating that it requires low privileges and no user interaction for exploitation, potentially leading to high availability impact. To remediate this issue, users should apply the relevant patches provided in the linked sources from the Linux kernel repository. Organizations should address this vulnerability promptly to mitigate risks of local attacks that could disrupt system availability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share