CVE-2024-35788 is a vulnerability identified in the Linux kernel, specifically within the Direct Rendering Manager (DRM) subsystem for AMD graphics hardware. The flaw arises in the handling of display clock levels for the DCN3.5 (Display Core Next 3.5) architecture. The vulnerability is due to an incorrect bounds check where the variable NumFclkLevelsEnabled is used instead of the correct NumDcfClkLevelsEnabled when validating array indices for DcfClocks. This discrepancy can lead to an array index out-of-bounds access, which is a memory safety issue. Such out-of-bounds access can cause undefined behavior including potential kernel crashes (denial of service), data corruption, or could be leveraged by an attacker to execute arbitrary code with kernel privileges if combined with other vulnerabilities or conditions. The issue was resolved by correcting the bounds check to use the designated variable for DCN3.5 DcfClocks, ensuring proper validation of array indices and preventing out-of-bounds access. The vulnerability affects specific Linux kernel versions identified by commit hashes, and no known exploits are currently reported in the wild. The lack of a CVSS score indicates the vulnerability is newly disclosed and not yet fully assessed for severity by standard scoring systems.

For European organizations, this vulnerability poses a risk primarily to systems running Linux kernels with AMD graphics hardware utilizing the DCN3.5 display engine, which is common in desktops, laptops, and servers with AMD GPUs. Potential impacts include system instability or crashes, which can disrupt business operations, especially in environments relying on Linux for critical infrastructure or services. In worst-case scenarios, if exploited in conjunction with other vulnerabilities, it could lead to privilege escalation and unauthorized control over affected systems, compromising confidentiality and integrity of data. Organizations in sectors such as finance, healthcare, government, and technology that rely heavily on Linux-based systems with AMD GPUs could face operational disruptions or data breaches. The absence of known exploits reduces immediate risk, but the vulnerability should be addressed promptly to prevent future exploitation.

Organizations should promptly apply the official Linux kernel patches that correct the bounds check in the DRM AMD display driver for DCN3.5. Since this is a kernel-level vulnerability, updating to the latest stable kernel version containing the fix is critical. For environments where immediate patching is not feasible, consider temporarily disabling or restricting access to AMD GPU features related to DCN3.5 if possible, to reduce attack surface. Monitoring system logs for unusual behavior or crashes related to the DRM subsystem can help detect exploitation attempts. Additionally, implement strict access controls and limit user privileges to reduce the risk of local exploitation. Regularly audit and update all kernel modules and drivers to ensure they are current and free from known vulnerabilities. Engage with Linux distribution vendors for timely security updates and advisories.