Out-of-bounds Write Affecting kernel-syms package, versions <6.4.0-150600.23.25.1
Threat Intelligence
EPSS
0.04% (6th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-SLES156-KERNELSYMS-8178065
- published 10 Oct 2024
- disclosed 9 Oct 2024
Introduced: 9 Oct 2024
New CVE-2024-46725 Open this link in a new tabHow to fix?
Upgrade SLES:15.6 kernel-syms to version 6.4.0-150600.23.25.1 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-syms package and not the kernel-syms package as distributed by SLES.
See How to fix? for SLES:15.6 relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: Fix out-of-bounds write warning
Check the ring type value to fix the out-of-bounds write warning
References
- https://www.suse.com/security/cve/CVE-2024-46725.html
- https://bugzilla.suse.com/1230705
- https://git.kernel.org/stable/c/130bee397b9cd52006145c87a456fd8719390cb5
- https://git.kernel.org/stable/c/919f9bf9997b8dcdc132485ea96121e7d15555f9
- https://git.kernel.org/stable/c/a60d1f7ff62e453dde2d3b4907e178954d199844
- https://git.kernel.org/stable/c/be1684930f5262a622d40ce7a6f1423530d87f89
- https://git.kernel.org/stable/c/c253b87c7c37ec40a2e0c84e4a6b636ba5cd66b2
- https://git.kernel.org/stable/c/cf2db220b38301b6486a0f11da24a0f317de558c
CVSS Scores
version 3.1