Oracle Linux: CVE-2024-42120: ELSA-2024-12618: Unbreakable Enterprise kernel security update (IMPORTANT) (Multiple Advisories)
Description
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check pipe offset before setting vblank pipe_ctx has a size of MAX_PIPES so checking its index before accessing the array. This fixes an OVERRUN issue reported by Coverity. A vulnerability in the DRM/AMD/display subsystem in the Linux Kernel was resolved by adding a check for the `pipe_ctx` index before accessing the `vblank` array. This fix addresses an out-of-bounds access issue reported by Coverity, preventing potential memory corruption and enhancing system stability. The check ensures that the index is within the valid range, safeguarding against buffer overruns.
Solution(s)
- oracle-linux-upgrade-kernel-uek
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center