fkie_nvd - fkie_cve-2024-49892

fkie_cve-2024-49892

Vulnerability from fkie_nvd

Published

2024-10-21 18:15

Modified

2025-11-03 23:16

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Initialize get_bytes_per_element's default to 1 Variables, used as denominators and maybe not assigned to other values, should not be 0. bytes_per_element_y & bytes_per_element_c are initialized by get_bytes_per_element() which should never return 0. This fixes 10 DIVIDE_BY_ZERO issues reported by Coverity.

References

URL	Tags
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/1f9f8186e239222f1c8d3dd73bf3bc6ae86c5e76	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/3334ab72cbba55a632f24579cd47c4a4e5e69cda	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/4067f4fa0423a89fb19a30b57231b384d77d2610	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/8f0abb39c16e719129de10596b3ae3363fa178b4
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/a23d6029e730f8a151b1a34afb169baac1274583	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/bc00d211da4ffad5314a2043b50bdc8ff8a33724	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/c7630935d9a4986e8c0ed91658a781b7a77d73f7	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/f921335123f6620c3dce5c96fbb95f18524a021c	Patch
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB525A44-6338-4857-AD90-EA2860D1AD1F",
              "versionEndExcluding": "5.10.227",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C",
              "versionEndExcluding": "5.15.168",
              "versionStartIncluding": "5.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE",
              "versionEndExcluding": "6.1.113",
              "versionStartIncluding": "5.16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90B9576-56C4-47BC-AAB0-C5B2D438F5D0",
              "versionEndExcluding": "6.6.55",
              "versionStartIncluding": "6.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C16BCE0-FFA0-4599-BE0A-1FD65101C021",
              "versionEndExcluding": "6.10.14",
              "versionStartIncluding": "6.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9",
              "versionEndExcluding": "6.11.3",
              "versionStartIncluding": "6.11",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Initialize get_bytes_per_element\u0027s default to 1\n\nVariables, used as denominators and maybe not assigned to other values,\nshould not be 0. bytes_per_element_y \u0026 bytes_per_element_c are\ninitialized by get_bytes_per_element() which should never return 0.\n\nThis fixes 10 DIVIDE_BY_ZERO issues reported by Coverity."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: inicializar el valor predeterminado de get_bytes_per_element en 1. Las variables, utilizadas como denominadores y que quiz\u00e1s no se asignen a otros valores, no deben ser 0. bytes_per_element_y y bytes_per_element_c se inicializan mediante get_bytes_per_element(), que nunca debe devolver 0. Esto corrige 10 problemas de DIVIDE_BY_ZERO informados por Coverity."
    }
  ],
  "id": "CVE-2024-49892",
  "lastModified": "2025-11-03T23:16:29.337",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-10-21T18:15:11.757",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/1f9f8186e239222f1c8d3dd73bf3bc6ae86c5e76"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/3334ab72cbba55a632f24579cd47c4a4e5e69cda"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/4067f4fa0423a89fb19a30b57231b384d77d2610"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/8f0abb39c16e719129de10596b3ae3363fa178b4"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/a23d6029e730f8a151b1a34afb169baac1274583"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/bc00d211da4ffad5314a2043b50bdc8ff8a33724"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/c7630935d9a4986e8c0ed91658a781b7a77d73f7"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/f921335123f6620c3dce5c96fbb95f18524a021c"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-369"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2024-49892 (GCVE-0-2024-49892)

Vulnerability from cvelistv5

Published

2024-10-21 18:01

Modified

2025-11-03 22:22

Severity ?

Summary

References

URL

Tags

	https://git.kernel.org/stable/c/8f0abb39c16e719129de10596b3ae3363fa178b4
	https://git.kernel.org/stable/c/f921335123f6620c3dce5c96fbb95f18524a021c
	https://git.kernel.org/stable/c/1f9f8186e239222f1c8d3dd73bf3bc6ae86c5e76
	https://git.kernel.org/stable/c/a23d6029e730f8a151b1a34afb169baac1274583
	https://git.kernel.org/stable/c/c7630935d9a4986e8c0ed91658a781b7a77d73f7
	https://git.kernel.org/stable/c/bc00d211da4ffad5314a2043b50bdc8ff8a33724
	https://git.kernel.org/stable/c/3334ab72cbba55a632f24579cd47c4a4e5e69cda
	https://git.kernel.org/stable/c/4067f4fa0423a89fb19a30b57231b384d77d2610

Impacted products

Vendor

Product

Version

Linux

Version: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c
Version: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c
Version: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c
Version: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c
Version: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c
Version: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c
Version: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c
Version: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c

Linux

Version: 4.15

Show details on NVD website