CVE-2024-36914

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.37

Description A dynamic memory safety error detector (KASAN) catches and generates error messages "BUG: KASAN: slab-out-of-bounds" as the writeback connector does not support certain features which are not initialized. The issue occurs in the drm/amd/display component when it attempts to write back data. To resolve this, the connector type is checked, and if it is DRM MODE CONNECTOR WRITEBACK, the operation is skipped.

Recommendations Update to Linux kernel version 6.6.37 or later to resolve the issue. As a temporary workaround, consider disabling the writeback feature for the drm/amd/display component until a patch is available.

Exploit

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

AZL-67437

BDU:2025-08071

CVE-2024-36914

DLA-4008-1

DSA-5818-1

MGASA-2024-0263

MGASA-2024-0266

OESA-2024-2029

OESA-2024-2030

OESA-2024-2031

OESA-2024-2076

OPENSUSE-SU-2024_2947-1

SUSE-SU-2024:2802-1

SUSE-SU-2024:2894-1

SUSE-SU-2024:2896-1

SUSE-SU-2024:2939-1

SUSE-SU-2024:2947-1

SUSE-SU-2024:2973-1

SUSE-SU-2025:20008-1

SUSE-SU-2025:20028-1

USN-6949-1

USN-6949-2

USN-6952-1

USN-6952-2

USN-6955-1

Affected Products

Astra Linux

Debian

Linuxmint

Linux Kernel

Red Os

Suse

Ubuntu

CVE-2024-36914

Weakness Enumeration

Related Identifiers

Affected Products

References · 3012