CVE-2022-48979

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue concerns an array index out of bounds error in the DCN32 DML of the Linux kernel's drm/amd/display component. Specifically, the LinkCapacitySupport array is indexed with the number of voltage states instead of the maximum number of DPPs. The error is fixed by modifying the array declaration to use the correct, larger array size based on the total number of voltage states.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Validation of Array Index

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-129

Related Identifiers

AZL-51383

BDU:2025-04348

CVE-2022-48979

OPENSUSE-SU-2024_4315-1

OPENSUSE-SU-2024_4376-1

SUSE-SU-2024:4315-1

SUSE-SU-2024:4364-1

SUSE-SU-2024:4376-1

Affected Products

Debian

Linux Kernel

Suse

CVE-2022-48979

Weakness Enumeration

Related Identifiers

Affected Products

References · 972