CVE-2022-48979

MEDIUM5.5

drm/amd/display: fix array index out of bound error in DCN32 DML

Published Oct 21, 2024

Modified 7 months ago

Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: fix array index out of bound error in DCN32 DML

[Why&How] LinkCapacitySupport array is indexed with the number of voltage states and not the number of max DPPs. Fix the error by changing the array declaration to use the correct (larger) array size of total number of voltage states.

References

WEB

https://git.kernel.org/stable/c/3d8a298b2e83b98042e6ec726e934f535b23e6aa

WEB

https://git.kernel.org/stable/c/aeffc8fb2174f017a10df114bc312f899904dc68

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2022-48979

CVSS Analysis

CVSS v3.1

5.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Ecosystems

Timeline

PublishedOct 21, 2024

ModifiedJul 11, 2025

CVE-2022-48979 | Mondoo Vulnerability Intelligence