{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2024-27042", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "REJECTED", "assignerShortName": "Linux", "dateReserved": "2024-02-19T14:20:24.212Z", "datePublished": "2024-05-01T12:54:07.719Z", "dateUpdated": "2026-03-23T12:37:33.407Z", "dateRejected": "2026-03-23T12:37:33.407Z"}, "containers": {"cna": {"rejectedReasons": [{"lang": "en", "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-03-23T12:37:33.407Z"}, "x_generator": {"engine": "cvelib 1.8.0"}}}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2024-27042", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "REJECTED", "assignerShortName": "Linux", "dateReserved": "2024-02-19T14:20:24.212Z", "datePublished": "2024-05-01T12:54:07.719Z", "dateUpdated": "2026-03-23T12:37:33.407Z", "dateRejected": "2026-03-23T12:37:33.407Z"}, "containers": {"cna": {"rejectedReasons": [{"lang": "en", "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-03-23T12:37:33.407Z"}, "x_generator": {"engine": "cvelib 1.8.0"}}}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."}], "id": "CVE-2024-27042", "lastModified": "2026-03-23T13:16:19.430", "metrics": {}, "published": "2024-05-01T13:15:49.690", "references": [], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Rejected"}

{"affected_release": [{"advisory": "RHSA-2024:7001", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-553.22.1.rt7.363.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-09-24T00:00:00Z"}, {"advisory": "RHSA-2024:7000", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-553.22.1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-09-24T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2025:8796", "cpe": "cpe:/a:redhat:rhel_eus:9.4", "package": "kernel-0:5.14.0-427.72.1.el9_4", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-06-11T00:00:00Z"}], "bugzilla": {"description": "kernel: drm/amdgpu: Fix potential out-of-bounds access in 'amdgpu_discovery_reg_base_init()'", "id": "2278447", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278447"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndrm/amdgpu: Fix potential out-of-bounds access in 'amdgpu_discovery_reg_base_init()'\nThe issue arises when the array 'adev->vcn.vcn_config' is accessed\nbefore checking if the index 'adev->vcn.num_vcn_inst' is within the\nbounds of the array.\nThe fix involves moving the bounds check before the array access. This\nensures that 'adev->vcn.num_vcn_inst' is within the bounds of the array\nbefore it is used as an index.\nFixes the below:\ndrivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c:1289 amdgpu_discovery_reg_base_init() error: testing array offset 'adev->vcn.num_vcn_inst' after use.", "An out-of-bounds access flaw was found in drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c in the Linux kernel. This issue may lead to a crash."], "name": "CVE-2024-27042", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-27042\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-27042\nhttps://lore.kernel.org/linux-cve-announce/2024050113-CVE-2024-27042-e812@gregkh/T"], "statement": "Red Hat has protection mechanisms in place against buffer overflows such as FORTIFY_SOURCE, Position Independent Executables, or Stack Smashing Protection.", "threat_severity": "Moderate"}

{}