{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2024-42118", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-07-29T15:50:41.178Z", "datePublished": "2024-07-30T07:46:10.486Z", "dateUpdated": "2026-05-11T20:27:20.115Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T20:27:20.115Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Do not return negative stream id for array\n\n[WHY]\nresource_stream_to_stream_idx returns an array index and it return -1\nwhen not found; however, -1 is not a valid array index number.\n\n[HOW]\nWhen this happens, call ASSERT(), and return a zero instead.\n\nThis fixes an OVERRUN and an NEGATIVE_RETURNS issues reported by Coverity."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/amd/display/dc/core/dc_resource.c"], "versions": [{"version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c", "lessThan": "a76fa9c4f0fc0aa6f517da3fa7d7c23e8a32c7d0", "status": "affected", "versionType": "git"}, {"version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c", "lessThan": "3ac31c9a707dd1c7c890b95333182f955e9dcb57", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/amd/display/dc/core/dc_resource.c"], "versions": [{"version": "4.15", "status": "affected"}, {"version": "0", "lessThan": "4.15", "status": "unaffected", "versionType": "semver"}, {"version": "6.9.9", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "6.9.9"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "6.10"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/a76fa9c4f0fc0aa6f517da3fa7d7c23e8a32c7d0"}, {"url": "https://git.kernel.org/stable/c/3ac31c9a707dd1c7c890b95333182f955e9dcb57"}], "title": "drm/amd/display: Do not return negative stream id for array", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:54:32.598Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/a76fa9c4f0fc0aa6f517da3fa7d7c23e8a32c7d0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3ac31c9a707dd1c7c890b95333182f955e9dcb57", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-42118", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:17:07.089426Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:05.637Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/a76fa9c4f0fc0aa6f517da3fa7d7c23e8a32c7d0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3ac31c9a707dd1c7c890b95333182f955e9dcb57", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:54:32.598Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-42118", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:17:07.089426Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:14.497Z"}}], "cna": {"title": "drm/amd/display: Do not return negative stream id for array", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c", "lessThan": "a76fa9c4f0fc0aa6f517da3fa7d7c23e8a32c7d0", "versionType": "git"}, {"status": "affected", "version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c", "lessThan": "3ac31c9a707dd1c7c890b95333182f955e9dcb57", "versionType": "git"}], "programFiles": ["drivers/gpu/drm/amd/display/dc/core/dc_resource.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.15"}, {"status": "unaffected", "version": "0", "lessThan": "4.15", "versionType": "semver"}, {"status": "unaffected", "version": "6.9.9", "versionType": "semver", "lessThanOrEqual": "6.9.*"}, {"status": "unaffected", "version": "6.10", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/gpu/drm/amd/display/dc/core/dc_resource.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/a76fa9c4f0fc0aa6f517da3fa7d7c23e8a32c7d0"}, {"url": "https://git.kernel.org/stable/c/3ac31c9a707dd1c7c890b95333182f955e9dcb57"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Do not return negative stream id for array\n\n[WHY]\nresource_stream_to_stream_idx returns an array index and it return -1\nwhen not found; however, -1 is not a valid array index number.\n\n[HOW]\nWhen this happens, call ASSERT(), and return a zero instead.\n\nThis fixes an OVERRUN and an NEGATIVE_RETURNS issues reported by Coverity."}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.9.9", "versionStartIncluding": "4.15"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.10", "versionStartIncluding": "4.15"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-07-11T17:19:55.458Z"}}}, "cveMetadata": {"cveId": "CVE-2024-42118", "state": "PUBLISHED", "dateUpdated": "2025-07-11T17:19:55.458Z", "dateReserved": "2024-07-29T15:50:41.178Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-07-30T07:46:10.486Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "49A840D9-3EF1-4F8D-83C8-A1DA6B52D0AF", "versionEndExcluding": "6.9.9", "versionStartIncluding": "4.15", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Do not return negative stream id for array\n\n[WHY]\nresource_stream_to_stream_idx returns an array index and it return -1\nwhen not found; however, -1 is not a valid array index number.\n\n[HOW]\nWhen this happens, call ASSERT(), and return a zero instead.\n\nThis fixes an OVERRUN and an NEGATIVE_RETURNS issues reported by Coverity."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: no devolver ID de flujo negativo para la matriz [POR QU\u00c9] Resource_stream_to_stream_idx devuelve un \u00edndice de matriz y devuelve -1 cuando no se encuentra; sin embargo, -1 no es un n\u00famero de \u00edndice de matriz v\u00e1lido. [C\u00d3MO] Cuando esto suceda, llame a ASSERT() y devuelva un cero en su lugar. Esto soluciona problemas de OVERRUN y NEGATIVE_RETURNS informados por Coverity."}], "id": "CVE-2024-42118", "lastModified": "2025-09-29T14:57:08.527", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-30T08:15:04.097", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/3ac31c9a707dd1c7c890b95333182f955e9dcb57"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a76fa9c4f0fc0aa6f517da3fa7d7c23e8a32c7d0"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/3ac31c9a707dd1c7c890b95333182f955e9dcb57"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a76fa9c4f0fc0aa6f517da3fa7d7c23e8a32c7d0"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: drm/amd/display: Do not return negative stream id for array", "id": "2301483", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301483"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.2", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H", "status": "draft"}, "cwe": "CWE-125", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndrm/amd/display: Do not return negative stream id for array\n[WHY]\nresource_stream_to_stream_idx returns an array index and it return -1\nwhen not found; however, -1 is not a valid array index number.\n[HOW]\nWhen this happens, call ASSERT(), and return a zero instead.\nThis fixes an OVERRUN and an NEGATIVE_RETURNS issues reported by Coverity.", "A flaw was found in the Linux kernel's drm/amd/display subsystem. The resource_stream_to_stream_idx function previously returned -1 when an index was not found, which is invalid for array indexing. This issue could lead to out-of-bounds access and unexpected negative return values."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-42118", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-07-30T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-42118\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-42118\nhttps://lore.kernel.org/linux-cve-announce/2024073024-CVE-2024-42118-537b@gregkh/T"], "statement": "Red Hat Enterprise Linux is not vulnerable to this CVE, as it does not affect the versions or configurations of the Linux kernel used in its distributions.", "threat_severity": "Moderate"}

{"created": "2025-07-12T23:06:12.645739+00:00", "updated": "2025-07-12T23:06:12.645795+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}