CVE-2024-42117— drm/amd/display: ASSERT when failing to find index by plane/stream id

EPSS 0.02% · P5 Updated May 13, 2026

Affected Version Matrix 6

Vendor	Product	Version Range	Status
Linux	Linux	`7966f319c66d9468623c6a6a017ecbc0dd79be75< a9c047a5cf3135b8b66bd28fbe2c698b9cace0b3`	affected
		`7966f319c66d9468623c6a6a017ecbc0dd79be75< 01eb50e53c1ce505bf449348d433181310288765`	affected
		`6.7`	affected
		`< 6.7`	unaffected
		`6.9.9≤ 6.9.*`	unaffected
		`6.10≤ *`	unaffected

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-42117

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

drm/amd/display: ASSERT when failing to find index by plane/stream id

Source: NVD (National Vulnerability Database)

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: ASSERT when failing to find index by plane/stream id [WHY] find_disp_cfg_idx_by_plane_id and find_disp_cfg_idx_by_stream_id returns an array index and they return -1 when not found; however, -1 is not a valid index number. [HOW] When this happens, call ASSERT(), and return a positive number (which is fewer than callers' array size) instead. This fixes 4 OVERRUN and 2 NEGATIVE_RETURNS issues reported by Coverity.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Linux kernel 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel 存在安全漏洞，该漏洞源于drm/amd/display模块中在查找某些索引时，如果未找到则返回-1，但-1不是一个有效的索引号。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Linux	Linux	7966f319c66d9468623c6a6a017ecbc0dd79be75 ~ a9c047a5cf3135b8b66bd28fbe2c698b9cace0b3	-
Linux	Linux	6.7	-

II. Public POCs for CVE-2024-42117

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2024-42117

请登录查看更多情报信息。

Same Patch Batch · Linux · 2024-07-30 · 70 CVEs total

CVE-2024-42146		drm/xe: Add outer runtime_pm protection to xe_live_ktest@xe_dma_buf
CVE-2024-42227		drm/amd/display: Fix overlapping copy within dml_core_mode_programming
CVE-2024-42225		wifi: mt76: replace skb_put with skb_put_zero
CVE-2024-42153		i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr
CVE-2024-42152		nvmet: fix a possible leak when destroy a ctrl during qp establishment
CVE-2024-42151		bpf: mark bpf_dummy_struct_ops.test_1 parameter as nullable
CVE-2024-42150		net: txgbe: remove separate irq request for MSI and INTx
CVE-2024-42149		fs: don't misleadingly warn during thaw operations
CVE-2024-42148		bnx2x: Fix multiple UBSAN array-index-out-of-bounds
CVE-2024-42147		crypto: hisilicon/debugfs - Fix debugfs uninit process issue
CVE-2024-42154		tcp_metrics: validate source addr length
CVE-2024-42145		IB/core: Implement a limit on UMAD receive List
CVE-2024-42144		thermal/drivers/mediatek/lvts_thermal: Check NULL ptr on lvts_data
CVE-2024-42142		net/mlx5: E-switch, Create ingress ACL when needed
CVE-2024-42141		Bluetooth: ISO: Check socket flag instead of hcon
CVE-2024-42140		riscv: kexec: Avoid deadlock in kexec crash path
CVE-2024-42138		mlxsw: core_linecards: Fix double memory deallocation in case of invalid INI file
CVE-2024-42139		ice: Fix improper extts handling
CVE-2024-42137		Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot
CVE-2024-42136		cdrom: rearrange last_media_change check to avoid unintentional overflow

Showing top 20 of 70 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Linux

Same vendor: Linux

V. Comments for CVE-2024-42117

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2024-42117— drm/amd/display: ASSERT when failing to find index by plane/stream id

Affected Version Matrix 6

I. Basic Information for CVE-2024-42117

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2024-42117

III. Intelligence Information for CVE-2024-42117

Same Patch Batch · Linux · 2024-07-30 · 70 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2024-42117

Leave a comment