ELS for OS
- CVEs
- Releases
- Projects
- Documentation
Live Patches
ELS for PHP
- CVEs
- Releases
- Projects
- Documentation
ELS for Python
- CVEs
- Releases
- Projects
- Documentation
ELS for Dotnet
- CVEs
- Releases
- Projects
- Documentation
ELS for Node.js
- CVEs
- Releases
- Projects
- Documentation

CVE-2024-49894

Updated: 2025-11-19 05:39:03.336334

Description:

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out of bounds in degamma hardware format translation Fixes index out of bounds issue in `cm_helper_translate_curve_to_degamma_hw_format` function. The issue could occur when the index 'i' exceeds the number of transfer function points (TRANSFER_FUNC_POINTS). The fix adds a check to ensure 'i' is within bounds before accessing the transfer function points. If 'i' is out of bounds the function returns false to indicate an error. Reported by smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:594 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.red' 1025 <= s32max drivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:595 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.green' 1025 <= s32max drivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:596 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.blue' 1025 <= s32max

Links	NIST	CIRCL	RHEL	Ubuntu

Severity

	Severity	Score
CVSS Version 2.x		0.0
CVSS Version 3.x	HIGH	7.8

Status

OS name	Project name	Version	Score	Severity	Status	Errata	Last updated	Statement
AlmaLinux 9.2 ESU	kernel	5.14.0	7.8	HIGH	Released	CLSA-2025:1743193221	2024-11-18 16:30:56
CentOS 6 ELS	kernel	2.6.32	7.8	HIGH	Not Vulnerable		2024-11-27 11:57:19
CentOS 7 ELS	kernel	3.10.0	7.8	HIGH	Released	CLSA-2024:1731348593	2024-11-26 11:58:40
CentOS 8.4 ELS	kernel	4.18.0	7.8	HIGH	Released	CLSA-2025:1736778412	2025-01-15 01:13:46
CentOS 8.5 ELS	kernel	4.18.0	7.8	HIGH	Released	CLSA-2025:1736778632	2025-01-15 01:13:46
CentOS Stream 8 ELS	kernel	4.18.0	7.8	HIGH	Released	CLSA-2024:1731431756	2024-11-12 13:29:49
CloudLinux 6 ELS	kernel	2.6.32	7.8	HIGH	Not Vulnerable		2024-11-27 11:57:18
CloudLinux 7 ELS	kernel	3.10.0	7.8	HIGH	Ignored		2025-01-10 22:43:16	CL7 support is limited
Oracle Linux 6 ELS	kernel	2.6.32	7.8	HIGH	Not Vulnerable		2024-11-27 11:57:18
Oracle Linux 7 ELS	kernel	3.10.0	7.8	HIGH	Released	CLSA-2025:1742322442	2025-03-25 03:29:28

Total: 15