CVE-2024-26915 : In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu:

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Reset IH OVERFLOW_CLEAR bit Allows us to detect subsequent IH ring buffer overflows as well.

Published 2024-04-17 16:15:08

Updated 2025-04-08 18:56:19

Source Linux

View at NVD, CVE.org

Products affected by CVE-2024-26915

Linux » Linux Kernel
Versions before (<) 5.15.152
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.16 and before (<) 6.1.82
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 6.2 and before (<) 6.6.18
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 6.7 and before (<) 6.7.6
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 6.8 Update RC1
cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 6.8 Update RC2
cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2024-26915

EPSS FAQ

0.04%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 9 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2024-26915

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H	1.8	3.6	134c704f-9b21-4f2e-91b3-4a467353bcc0	2024-11-06
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High
5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H	N/A	N/A	RedHat-CVE-2024-26915	2024-04-17
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2024-26915

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2024-26915

https://git.kernel.org/stable/c/8983397951b4b0bd51bb4b4ba9749424e1ccbb70

drm/amdgpu: Reset IH OVERFLOW_CLEAR bit - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/7330256268664ea0a7dd5b07a3fed363093477dd

drm/amdgpu: Reset IH OVERFLOW_CLEAR bit - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/9a9d00c23d170d4ef5a1b28e6b69f5c85dd12bc1

drm/amdgpu: Reset IH OVERFLOW_CLEAR bit - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/a28f4d1e0bed85943d309ac243fd1c200f8af9a2

drm/amdgpu: Reset IH OVERFLOW_CLEAR bit - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/2827633c9dab6304ec4cdbf369363219832e605d

drm/amdgpu: Reset IH OVERFLOW_CLEAR bit - kernel/git/stable/linux.git - Linux kernel stable tree
Patch

Jump to

Vulnerability Details : CVE-2024-26915

Products affected by CVE-2024-26915

Exploit prediction scoring system (EPSS) score for CVE-2024-26915

CVSS scores for CVE-2024-26915

CWE ids for CVE-2024-26915

References for CVE-2024-26915