Cyber Resilience

CVE-2024-56784

High

Published: 08 January 2025

Published
08 January 2025
Modified
01 October 2025
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0003 10.9th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-56784 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Linux Linux Kernel. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 10.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2024-56784 is a memory corruption vulnerability in the Linux kernel's drm/amd/display component, stemming from an out-of-bounds array index access. This flaw allows invalid array indices to trigger memory corruption, as documented in the kernel commit resolving it. The vulnerability carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and is associated with CWE-787 (Out-of-bounds Write).

A local attacker with low privileges can exploit this vulnerability with low complexity and no user interaction required. Successful exploitation enables high-impact confidentiality, integrity, and availability violations, potentially leading to arbitrary code execution or system crashes via the memory corruption.

Kernel patches addressing the issue, available at https://git.kernel.org/stable/c/2c437d9a0b496168e1a1defd17b531f0a526dbe9 and https://git.kernel.org/stable/c/dff526dc3e27f5484f5ba11471b9fbbe681467f2, add explicit checks to ensure array indices remain within bounds, preventing the out-of-bounds access. Security practitioners should apply these stable kernel updates to affected systems.

EU & UK References

Vulnerability details

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adding array index check to prevent memory corruption [Why & How] Array indices out of bound caused memory corruption. Adding checks to ensure that array index stays in bound.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local kernel memory corruption (OOB write) with low-priv access directly enables exploitation for privilege escalation to root via arbitrary code execution.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-71137Same product: Linux Linux Kernel
CVE-2026-31772Same product: Linux Linux Kernel
CVE-2026-23378Same product: Linux Linux Kernel
CVE-2026-31494Same product: Linux Linux Kernel
CVE-2025-21735Same product: Linux Linux Kernel
CVE-2025-21650Same product: Linux Linux Kernel
CVE-2024-52319Same product: Linux Linux Kernel
CVE-2024-58003Same product: Linux Linux Kernel
CVE-2026-23343Same product: Linux Linux Kernel
CVE-2026-23092Same product: Linux Linux Kernel

Affected Assets

linux
linux kernel
≤ 6.12.5

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mitigates the vulnerability by requiring timely remediation through application of kernel patches that add array bounds checks to prevent out-of-bounds memory corruption.

prevent

Implements memory protection safeguards such as bounds checking to protect against unauthorized out-of-bounds array writes causing memory corruption in the kernel.

prevent

Requires validation of information inputs like array indices passed to the drm/amd/display component to prevent invalid indices from triggering out-of-bounds access.

References