CVE-2024-52557

In the Linux kernel, the following vulnerability has been resolved:

drm: zynqmp_dp: Fix integer overflow in zynqmp_dp_rate_get()

This patch fixes a potential integer overflow in the zynqmp_dp_rate_get()

The issue comes up when the expression drm_dp_bw_code_to_link_rate(dp->test.bw_code) * 10000 is evaluated using 32-bit Now the constant is a compatible 64-bit type.

Resolves coverity issues: CID 1636340 and CID 1635811

Published: Feb 27, 2025
Updated: May 4, 2025
CVE: CVE-2024-52557
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWEs:

CWE-190

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	6.13	6.13.4

https://git.kernel.org/stable/c/325d889c5403ba20a24097f64c32d27ab993c2c3
https://git.kernel.org/stable/c/67a615c5cb6dc33ed35492dc0d67e496cbe8de68

Vulnerability Database

CVE-2024-52557