CVE-2024-46811: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-46811 affects the Linux kernel's AMD display driver, specifically in the drm/amd/display subsystem. The vulnerability was discovered when Coverity reported an OVERRUN warning in the fpu_update_bw_bounding_box function, where soc.num_states could be 40 while the array range of bw_params->clk_table.entries is limited to 8 (Kernel Patch).

The vulnerability exists in the AMD display driver's bandwidth bounding box update function. The issue occurs because the soc.num_states variable could potentially reach 40 (DC__VOLTAGE_STATES), while attempting to access bw_params->clk_table.entries which has a maximum size of 8 (MAX_NUM_DPM_LVL). This mismatch could lead to an array index out of bounds condition. The CVSS v3.1 base score is 7.8 HIGH, with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD).

The vulnerability could allow an attacker with local access to potentially cause a buffer overflow by exceeding array bounds, which could lead to system crashes, memory corruption, or potential code execution with elevated privileges (NVD).

The vulnerability has been patched in the Linux kernel by adding an assertion check to verify if num_states exceeds MAX_NUM_DPM_LVL (8). If the condition is true, the function returns immediately, preventing the buffer overflow. The fix has been implemented in multiple kernel versions including 6.8.0-50.51 for Ubuntu 24.04 LTS (Ubuntu).