CVE-2024-50016 - Vulnerability Details

Description

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Published: 2024-10-21

Score: 5.5 Medium

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
Ubuntu USN	USN-7276-1	Linux kernel vulnerabilities
Ubuntu USN	USN-7277-1	Linux kernel vulnerabilities
Ubuntu USN	USN-7301-1	Linux kernel vulnerabilities
Ubuntu USN	USN-7303-1	Linux kernel vulnerabilities
Ubuntu USN	USN-7303-2	Linux kernel vulnerabilities
Ubuntu USN	USN-7303-3	Linux kernel vulnerabilities
Ubuntu USN	USN-7304-1	Linux kernel vulnerabilities
Ubuntu USN	USN-7310-1	Linux kernel vulnerabilities
Ubuntu USN	USN-7311-1	Linux kernel vulnerabilities
Ubuntu USN	USN-7384-1	Linux kernel (Azure) vulnerabilities
Ubuntu USN	USN-7384-2	Linux kernel (Azure) vulnerabilities
Ubuntu USN	USN-7385-1	Linux kernel (IBM) vulnerabilities
Ubuntu USN	USN-7386-1	Linux kernel (OEM) vulnerabilities
Ubuntu USN	USN-7403-1	Linux kernel (HWE) vulnerabilities
Ubuntu USN	USN-7468-1	Linux kernel (Azure, N-Series) vulnerabilities

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://lore.kernel.org/linux-cve-announce/2024102110-CVE-2024-50016-745a@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-50016
https://www.cve.org/CVERecord?id=CVE-2024-50016

History

Sat, 10 May 2025 14:45:00 +0000

Type	Values Removed	Values Added
CPEs	cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products	Linux Linux linux Kernel
References	https://git.kernel.org/stable/c/26ced9d86240868f5b41708ceee02e6ec2924498 https://git.kernel.org/stable/c/a1495acc6234fa79b775599d3f49009afd53299f https://git.kernel.org/stable/c/a15268787b79fd183dd526cc16bec9af4f4e49a1 https://git.kernel.org/stable/c/adeed800bc30ef718478b28c08f79231e5980e3d

Sat, 10 May 2025 14:15:00 +0000

Type	Values Removed	Values Added
Description	In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid overflow assignment in link_dp_cts sampling_rate is an uint8_t but is assigned an unsigned int, and thus it can overflow. As a result, sampling_rate is changed to uint32_t. Similarly, LINK_QUAL_PATTERN_SET has a size of 2 bits, and it should only be assigned to a value less or equal than 4. This fixes 2 INTEGER_OVERFLOW issues reported by Coverity.	This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Title	drm/amd/display: Avoid overflow assignment in link_dp_cts	kernel: drm/amd/display: Avoid overflow assignment in link_dp_cts
Metrics	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Mon, 28 Oct 2024 17:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Weaknesses		CWE-190
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel

Wed, 23 Oct 2024 01:30:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2024102110-CVE-2024-50016-745a@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2024-50016 https://www.cve.org/CVERecord?id=CVE-2024-50016
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Moderate`

Tue, 22 Oct 2024 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Mon, 21 Oct 2024 19:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid overflow assignment in link_dp_cts sampling_rate is an uint8_t but is assigned an unsigned int, and thus it can overflow. As a result, sampling_rate is changed to uint32_t. Similarly, LINK_QUAL_PATTERN_SET has a size of 2 bits, and it should only be assigned to a value less or equal than 4. This fixes 2 INTEGER_OVERFLOW issues reported by Coverity.
Title		drm/amd/display: Avoid overflow assignment in link_dp_cts
References		https://git.kernel.org/stable/c/26ced9d86240868f5b41708ceee02e6ec2924498 https://git.kernel.org/stable/c/a1495acc6234fa79b775599d3f49009afd53299f https://git.kernel.org/stable/c/a15268787b79fd183dd526cc16bec9af4f4e49a1 https://git.kernel.org/stable/c/adeed800bc30ef718478b28c08f79231e5980e3d

Subscriptions

No data.

MITRE

Status: REJECTED

Assigner: Linux

Published: 2024-10-21T18:54:07.173Z

Updated: 2025-05-10T14:04:03.592Z

Reserved: 2024-10-21T12:17:06.062Z

Link: CVE-2024-50016

Vulnrichment

Updated:

NVD

Status : Rejected

Published: 2024-10-21T19:15:04.970

Modified: 2025-05-10T14:15:25.337

Link: CVE-2024-50016

Redhat

Severity : Moderate

Publid Date: 2024-10-21T00:00:00Z

Links: CVE-2024-50016 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

CWE-190

Tracking

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object