CVE-2024-46896

Advisory lineage Upstream: 0 Downstream: 13

Downstream

DEBIAN-CVE-2024-46896 DLA-4076-1 MGASA-2025-0030 MGASA-2025-0032 SUSE-SU-2025:0289-1 SUSE-SU-2025:0428-1

Modified

Published: 11 Jan 2025, 12:35

Last modified:11 May 2026, 20:38

Vulnerability Summary

Overall Risk (default)

low

22/100

CVSS Score

5.5 MEDIUM

v3.1 (nvd)

EPSS Score

0.01% LOW

0% probability -0.03%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

11 Jan 2025, 12:35

Published

Vulnerability first disclosed

11 May 2026, 20:38

Last Modified

Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: don't access invalid sched Since 2320c9e6a768 ("drm/sched: memset() 'job' in drm_sched_job_init()") accessing job->base.sched can produce unexpected results as the initialisation of (*job)->base.sched done in amdgpu_job_alloc is overwritten by the memset. This commit fixes an issue when a CS would fail validation and would be rejected after job->num_ibs is incremented. In this case, amdgpu_ib_free(ring->adev, ...) will be called, which would crash the machine because the ring value is bogus. To fix this, pass a NULL pointer to amdgpu_ib_free(): we can do this because the device is actually not used in this function. The next commit will remove the ring argument completely. (cherry picked from commit 2ae520cb12831d264ceb97c61f72c59d33c0dbd7)

CVSS Metrics

v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Trends

Current EPSS score: 0.01%• Percentile: 1%

Techniques & Countermeasures

CWE-476•NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.

Affected Systems

linux•linux
≥ 166df51487f46b6e997dfeea7ca0c2a970853f07, < 65501a4fd84ecdc0af863dbb37759242aab9f2dd | ≥ 87210234e5a273ebf9c4110a6aa82b8221478daa, < da6b2c626ae73c303378ce9eaf6e3eaf16c9925a | ≥ 2da108b4b5fb7ec04d7e951418ed80e97f7c35ad, < 67291d601f2b032062b1b2f60ffef1b63e10094c | ≥ 2320c9e6a768d135c7b0039995182bb1a4e4fd22, < a93b1020eb9386d7da11608477121b10079c076a | ≥ 6.1.120, < 6.1.122 | ≥ 6.6.66, < 6.6.68 | ≥ 6.12.5, < 6.12.7
linux•linux_kernel
≥ 6.1.120, < 6.1.122 | ≥ 6.6.66, < 6.6.68 | ≥ 6.12.5, < 6.12.7 | 6.13:rc1 | 6.13:rc2 | 6.13:rc3