CVE-2024-46772

5.5 MEDIUM

📋 TL;DR

A divide-by-zero vulnerability in the AMD display driver component of the Linux kernel could cause kernel crashes or system instability. This affects Linux systems with AMD graphics hardware when specific display configurations trigger the unvalidated division operation. The vulnerability requires local access to exploit.

💻 Affected Systems

Products:
  • Linux kernel with AMD display driver (drm/amd/display)
Versions: Linux kernel versions containing the vulnerable code before the fix commits
Operating Systems: Linux distributions with affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires AMD graphics hardware and specific display configurations to trigger the vulnerable code path.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel panic leading to system crash and denial of service, potentially causing data loss or system instability.
🟠 Likely Case: System crash or instability when specific display operations are performed, requiring reboot to restore functionality.
🟢 If Mitigated: Minimal impact with proper access controls and monitoring; crashes would be logged and systems could be automatically recovered.

🌐 Internet-Facing: LOW - Requires local access to exploit, not directly reachable over network.
🏢 Internal Only: MEDIUM - Local users or processes could trigger crashes, affecting system availability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and ability to trigger specific display operations; not trivial to exploit but possible for determined attackers.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Linux kernel with commits 04805efe8623f8721f3c01182ea73d68e88c62d8, b9264aa24f628eba5779d1c916441e0cedde9b3d, ea79068d4073bf303f8203f2625af7d9185a1bc6, or ede06d23392529b039cf7ac11b5875b047900f1c

Vendor Advisory: https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution's repositories.
2. Reboot system to load new kernel.
3. Verify kernel version after reboot.

🔧 Temporary Workarounds

  • Restrict local access (Linux): Limit local user access to systems with AMD graphics hardware
  • Disable vulnerable display features (Linux): Avoid display configurations that might trigger the vulnerable code path

🧯 If You Can't Patch

  • Implement strict access controls to limit local user privileges
  • Monitor system logs for kernel panic events and implement automated recovery procedures

🔍 How to Verify

Check if Vulnerable:

Check the kernel version and whether the AMD graphics driver is loaded: 'uname -r' and 'lsmod | grep amdgpu'

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated and check for presence of fix commits in kernel source

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • Divide by zero errors in kernel logs
  • System crash/reboot events

Network Indicators:

  • None - local vulnerability only

SIEM Query:

source="kernel" AND ("divide error" OR "divide by zero" OR "panic" OR "Oops")
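
Added example (not part of the original advisory): a shell filter for the log indicators above. On x86 the kernel reports an integer divide fault as "divide error: ..." followed by a RIP line naming the faulting function and module, and the function below reports only events whose RIP is in amdgpu. The sample log lines, function names and addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example: report kernel "divide error" oopses whose faulting RIP is in amdgpu.
# Feed it kernel log text on stdin, e.g. from `dmesg` or `journalctl -k`.
scan_amdgpu_div_oops() {
    awk '
        # x86 trap header, e.g. "divide error: 0000 [#1] PREEMPT SMP NOPTI"
        /divide error: [0-9a-f]+ \[#[0-9]+\]/ { pending = 1; window = 15; next }
        # First RIP line after the header names the faulting function and module
        pending && /RIP: [0-9a-f]+:/ {
            if ($0 ~ /\[amdgpu\]/) {
                sym = $0
                sub(/.*RIP: [0-9a-f]+:/, "", sym)
                print "amdgpu divide error at " sym
                hits++
            }
            pending = 0
            next
        }
        # Give up if no RIP line shows up within 15 lines of the header
        pending { if (--window <= 0) pending = 0 }
        END { exit (hits > 0 ? 0 : 1) }
    '
}

# Constructed sample log; function names and addresses are placeholders.
sample_log() {
    cat <<'EOF'
[  812.101234] divide error: 0000 [#1] PREEMPT SMP NOPTI
[  812.101240] CPU: 3 PID: 1420 Comm: Xorg Not tainted
[  812.101251] RIP: 0010:example_dml_calc+0x1a2/0x400 [amdgpu]
[  812.101260] Call Trace:
[  900.500000] divide error: 0000 [#2] PREEMPT SMP NOPTI
[  900.500010] RIP: 0010:example_other_fn+0x10/0x80
[  950.000000] amdgpu 0000:03:00.0: [drm] unrelated driver message
EOF
}

sample_log | scan_amdgpu_div_oops
```

The function exits 0 when at least one amdgpu divide error is found and 1 otherwise, so it can gate an alert or a recovery hook.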
