CVE-2024-46821 — Improper Validation of Array Index in Linux

CWE-129 — Improper Validation of Array Index42 documents7 sources

Severity

7.8HIGHNVD

OSV8.8OSV5.5OSV4.4

EPSS

0.0%

top 98.64%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux +6 more

Timeline

PublishedSep 27

Latest updateJul 18

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix negative array index read Avoid using the negative values for clk_idex as an index into an array pptable->DpmDescriptor. V2: fix clk_index return check (Tim Huang)

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages11 packages

▶NVDlinux/linux_kernel6.2 — 6.6.50+2

▶Debianlinux/linux_kernel< 5.10.237-1+3

▶Ubuntulinux/linux_kernel< 5.15.0-142.152+1

▶msrcmsrc/azl3_kernel_6.6.47.1-1_on_azure_linux_3.0

▶msrcmsrc/azl3_kernel_6.6.51.1-5_on_azure_linux_3.0

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

OSV

linux-intel-iotg-5.15 vulnerabilities↗2025-07-18

▶

OSV

linux-raspi vulnerabilities↗2025-07-17

▶

OSV

linux-intel-iotg vulnerabilities↗2025-07-04

▶

OSV

linux-xilinx-zynqmp vulnerabilities↗2025-06-26

▶

OSV

linux-aws vulnerabilities↗2025-06-24

▶

📋Vendor Advisories

Ubuntu

Linux kernel (Intel IoTG) vulnerabilities↗2025-07-18

▶

Ubuntu

Linux kernel (Raspberry Pi) vulnerabilities↗2025-07-17

▶

Ubuntu

Linux kernel (Intel IoTG) vulnerabilities↗2025-07-04

▶

Ubuntu

Linux kernel (Xilinx ZynqMP) vulnerabilities↗2025-06-26

▶

Ubuntu

Linux kernel (AWS) vulnerabilities↗2025-06-24

▶