CVE-2024-46835: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-46835 is a vulnerability in the Linux kernel affecting the AMD GPU driver (drm/amdgpu). The issue was discovered and reported on September 27, 2024, involving a NULL pointer dereference in the adev->gfx.imu.funcs component. The vulnerability affects Linux kernel versions up to 6.1.110, versions from 6.2 to 6.6.51, and versions from 6.7 to 6.10.10 (NVD).

The vulnerability is classified as a NULL Pointer Dereference (CWE-476) with a CVSS v3.1 base score of 5.5 (Medium). The issue occurs in the AMD GPU driver where the adev->gfx.imu.funcs pointer could be NULL, potentially leading to a system crash. The vulnerability requires local access and low privileges to exploit (NVD).

The vulnerability could lead to a system crash or denial of service condition when exploited. Since it requires local access and low privileges, the impact is primarily limited to availability with no direct impact on confidentiality or integrity of the system (NVD).

The vulnerability has been fixed in multiple Linux kernel versions. Fixed versions include Linux kernel 6.8.0-50.51 for Ubuntu 24.04 LTS and various other distribution-specific kernel versions. Users are advised to update their systems to the patched versions (Kernel Patch).