Login Sign Up

CVE-2024-46724

7.1 HIGH

📋 TL;DR

This CVE-2024-46724 is an out-of-bounds read vulnerability in the AMD GPU driver within the Linux kernel. It allows attackers to read kernel memory beyond allocated bounds, potentially leaking sensitive information or causing system instability. Systems using AMD GPUs with affected Linux kernel versions are vulnerable.

💻 Affected Systems

Products:
  • Linux kernel with AMD GPU driver (drm/amdgpu)
Versions: Linux kernel versions containing the vulnerable code before the fix commits
Operating Systems: Linux distributions with affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires AMD GPU hardware and the amdgpu driver to be loaded and active.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel memory disclosure leading to privilege escalation, system crash, or information leakage of sensitive kernel data.

🟠

Likely Case

System instability, kernel panic, or denial of service through memory corruption.

🟢

If Mitigated

Limited impact if system has proper access controls and no local attackers, though information disclosure risk remains.

🌐 Internet-Facing: LOW - Requires local access to exploit; not directly reachable from network.
🏢 Internal Only: MEDIUM - Local attackers or malicious users could exploit this to gain information or cause system instability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access to trigger the vulnerable code path; exploitation may require specific GPU operations.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Linux kernel versions containing commits 32915dc909ff502823babfe07d5416c5b6e8a8b1, 45f7b02afc464c208e8f56bcbc672ef5c364c815, 725b728cc0c8c5fafdfb51cb0937870d33a40fa4, d768394fa99467bcf2703bde74ddc96eeb0b71fa, or db7a86676fd624768a5d907faf34ad7bb4ff25f4

Vendor Advisory: https://git.kernel.org/stable/c/32915dc909ff502823babfe07d5416c5b6e8a8b1

Restart Required: Yes

Instructions:

1. Update Linux kernel to a patched version from your distribution. 2. Reboot the system to load the new kernel. 3. Verify the fix is applied by checking kernel version.

🔧 Temporary Workarounds

Disable AMD GPU driver

linux

Temporarily disable the amdgpu kernel module to prevent exploitation

echo 'blacklist amdgpu' >> /etc/modprobe.d/blacklist-amdgpu.conf
update-initramfs -u
reboot

🧯 If You Can't Patch

  • Restrict local user access to systems with AMD GPUs
  • Implement strict access controls and monitoring for GPU-related operations

🔍 How to Verify

Check if Vulnerable:

Check if amdgpu module is loaded: lsmod | grep amdgpu. Check kernel version against patched versions.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes one of the fix commits. Check dmesg for amdgpu driver loading without errors.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic logs
  • amdgpu driver error messages in dmesg
  • Out of bounds memory access warnings

Network Indicators:

  • None - local exploitation only

SIEM Query:

source="kernel" AND ("amdgpu" OR "out of bounds" OR "kernel panic")

📊 Metadata

CVE ID: CVE-2024-46724
CVSS v3 Score: 7.1 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE: CWE-125
Published: September 18, 2024
Last Updated: November 3, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-46724, you might also want to check these:

CVE-2021-41556 10.0

CVE-2021-41556 is a critical out-of-bounds read vulnerability in Squirrel scripting language that al...

Same vulnerability type (CWE-125)
CVE-2024-22004 10.0

This vulnerability allows attackers with privileged access on Linux non-secure operating systems to ...

Same vulnerability type (CWE-125)
CVE-2021-21777 10.0

CVE-2021-21777 is a critical out-of-bounds read vulnerability in the Ethernet/IP UDP handler of OpEN...

Same vulnerability type (CWE-125)