CVE-2024-46724: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-46724 is a vulnerability discovered in the Linux kernel affecting the AMD GPU driver (drm/amdgpu). The issue was identified as an out-of-bounds read vulnerability in the dfv17channelnumber function. The vulnerability affects multiple versions of the Linux kernel, including versions up to 5.10.226, from 5.11 to 5.15.167, from 5.16 to 6.1.109, from 6.2 to 6.6.50, and versions from 6.7 (NVD).

The vulnerability is an out-of-bounds read issue in the AMD GPU driver's dfv17channelnumber function. The problem occurs when the fbchannelnumber value is not properly checked against the array size of dfv17channelnumber, potentially leading to an array out-of-bounds read error. The vulnerability has been assigned a CVSS v3.1 base score of 7.1 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H, indicating local access requirements with low attack complexity (NVD).

The vulnerability could potentially lead to unauthorized access to memory contents through an out-of-bounds read operation in the AMD GPU driver. This could result in information disclosure and potential system crashes, affecting the confidentiality and availability of the system (NVD).

The vulnerability has been patched in various Linux kernel versions. The fix involves adding a proper boundary check for the fbchannelnumber value before accessing the array. The patch has been implemented across multiple kernel versions, including 5.15.0-125.135, 6.8.0-50.51, and other corresponding versions for different distributions (Kernel Patch).