{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-49894","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-10-21T12:17:06.025Z","datePublished":"2024-10-21T18:01:28.360Z","dateUpdated":"2025-11-03T22:22:58.352Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-07-11T17:20:55.732Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix index out of bounds in degamma hardware format translation\n\nFixes index out of bounds issue in\n`cm_helper_translate_curve_to_degamma_hw_format` function. The issue\ncould occur when the index 'i' exceeds the number of transfer function\npoints (TRANSFER_FUNC_POINTS).\n\nThe fix adds a check to ensure 'i' is within bounds before accessing the\ntransfer function points. If 'i' is out of bounds the function returns\nfalse to indicate an error.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:594 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.red' 1025 <= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:595 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.green' 1025 <= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:596 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.blue' 1025 <= s32max"}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/gpu/drm/amd/display/dc/dcn10/dcn10_cm_common.c"],"versions":[{"version":"4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c","lessThan":"b3dfa878257a7e98830b3009ca5831a01d8f85fc","status":"affected","versionType":"git"},{"version":"4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c","lessThan":"f5f6d90087131812c1e4b9d3103f400f1624396d","status":"affected","versionType":"git"},{"version":"4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c","lessThan":"c130a3c09e3746c1a09ce26c20d21d449d039b1d","status":"affected","versionType":"git"},{"version":"4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c","lessThan":"c6979719012a90e5b8e3bc31725fbfdd0b9b2b79","status":"affected","versionType":"git"},{"version":"4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c","lessThan":"2495c8e272d84685403506833a664fad932e453a","status":"affected","versionType":"git"},{"version":"4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c","lessThan":"122e3a7a8c7bcbe3aacddd6103f67f9f36bed473","status":"affected","versionType":"git"},{"version":"4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c","lessThan":"2f5da549535be8ccd2ab7c9abac8562ad370b181","status":"affected","versionType":"git"},{"version":"4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c","lessThan":"07078fa5d589a7fbce8f81ea8acf7aa0021ab38e","status":"affected","versionType":"git"},{"version":"4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c","lessThan":"b7e99058eb2e86aabd7a10761e76cae33d22b49f","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/gpu/drm/amd/display/dc/dcn10/dcn10_cm_common.c"],"versions":[{"version":"4.15","status":"affected"},{"version":"0","lessThan":"4.15","status":"unaffected","versionType":"semver"},{"version":"4.19.323","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.285","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.227","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.168","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.113","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.55","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.10.14","lessThanOrEqual":"6.10.*","status":"unaffected","versionType":"semver"},{"version":"6.11.3","lessThanOrEqual":"6.11.*","status":"unaffected","versionType":"semver"},{"version":"6.12","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"4.19.323"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"5.4.285"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"5.10.227"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"5.15.168"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"6.1.113"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"6.6.55"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"6.10.14"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"6.11.3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"6.12"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/b3dfa878257a7e98830b3009ca5831a01d8f85fc"},{"url":"https://git.kernel.org/stable/c/f5f6d90087131812c1e4b9d3103f400f1624396d"},{"url":"https://git.kernel.org/stable/c/c130a3c09e3746c1a09ce26c20d21d449d039b1d"},{"url":"https://git.kernel.org/stable/c/c6979719012a90e5b8e3bc31725fbfdd0b9b2b79"},{"url":"https://git.kernel.org/stable/c/2495c8e272d84685403506833a664fad932e453a"},{"url":"https://git.kernel.org/stable/c/122e3a7a8c7bcbe3aacddd6103f67f9f36bed473"},{"url":"https://git.kernel.org/stable/c/2f5da549535be8ccd2ab7c9abac8562ad370b181"},{"url":"https://git.kernel.org/stable/c/07078fa5d589a7fbce8f81ea8acf7aa0021ab38e"},{"url":"https://git.kernel.org/stable/c/b7e99058eb2e86aabd7a10761e76cae33d22b49f"}],"title":"drm/amd/display: Fix index out of bounds in degamma hardware format translation","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-49894","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-10-22T13:43:53.969023Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-10-22T13:48:48.651Z"}},{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"},{"url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T22:22:58.352Z"}}]}}