CVE-2024-36969: Vulnerability in Linux Linux

Medium
Published: Sat Jun 08 2024 (06/08/2024, 12:53:01 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Fix division by zero in setup_dsc_config

When slice_height is 0, the division by slice_height in the calculation of the number of slices will cause a division by zero driver crash. This leaves the kernel in a state that requires a reboot. This patch adds a check to avoid the division by zero.

The stack trace below is for the 6.8.4 Kernel. I reproduced the issue on a Z16 Gen 2 Lenovo Thinkpad with an Apple Studio Display monitor connected via Thunderbolt. The amdgpu driver crashed with this exception when I rebooted the system with the monitor connected.

kernel: ? die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434 arch/x86/kernel/dumpstack.c:447)
kernel: ? do_trap (arch/x86/kernel/traps.c:113 arch/x86/kernel/traps.c:154)
kernel: ? setup_dsc_config (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dc_dsc.c:1053) amdgpu
kernel: ? do_error_trap (./arch/x86/include/asm/traps.h:58 arch/x86/kernel/traps.c:175)
kernel: ? setup_dsc_config (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dc_dsc.c:1053) amdgpu
kernel: ? exc_divide_error (arch/x86/kernel/traps.c:194 (discriminator 2))
kernel: ? setup_dsc_config (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dc_dsc.c:1053) amdgpu
kernel: ? asm_exc_divide_error (./arch/x86/include/asm/idtentry.h:548)
kernel: ? setup_dsc_config (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dc_dsc.c:1053) amdgpu
kernel: dc_dsc_compute_config (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dc_dsc.c:1109) amdgpu

After applying this patch, the driver no longer crashes when the monitor is connected and the system is rebooted. I believe this is the same issue reported for 3113.

AI-Powered Analysis

Last updated: 06/29/2025, 10:54:30 UTC

Technical Analysis

CVE-2024-36969 is a vulnerability identified in the Linux kernel's AMD GPU driver, specifically within the drm/amd/display component responsible for handling display stream compression (DSC) configuration. The root cause is a division by zero error occurring in the function setup_dsc_config when the parameter slice_height is zero. This parameter is used in calculating the number of slices for DSC, and if it is zero, the division operation triggers a kernel crash. The crash results in the amdgpu driver failing and the kernel entering an unstable state that necessitates a system reboot to recover. The issue was reproduced on a Lenovo Thinkpad Z16 Gen 2 connected to an Apple Studio Display via Thunderbolt, where the crash occurred during system reboot with the monitor connected. The stack trace indicates the failure occurs deep within the amdgpu driver's DSC configuration code. The vulnerability does not appear to allow code execution or privilege escalation but causes a denial of service (DoS) by crashing the kernel. A patch has been released that adds a check to prevent division by zero, thereby stabilizing the driver and preventing the crash when the monitor is connected and the system reboots. No known exploits are reported in the wild, and no CVSS score has been assigned yet. This vulnerability affects Linux kernel versions prior to the patch and specifically impacts systems using AMD GPUs with DSC enabled and connected to certain monitors via Thunderbolt or similar interfaces.

Potential Impact

For European organizations, the primary impact of CVE-2024-36969 is a potential denial of service condition on Linux systems using AMD GPUs with DSC enabled. This could lead to unexpected kernel crashes and forced reboots, causing downtime and disruption of critical services, especially in environments relying on Linux workstations or servers with AMD graphics hardware. Organizations using high-end workstations for graphics-intensive tasks, such as media production, design, or scientific visualization, may be particularly affected. The disruption could impact productivity and availability of services. Although this vulnerability does not appear to compromise confidentiality or integrity directly, the forced reboots could interrupt business operations and lead to data loss if unsaved work is lost during crashes. Additionally, systems used in industrial control or embedded environments that rely on Linux with AMD GPUs could experience operational interruptions. Since the vulnerability requires specific hardware configurations and user interaction (reboot with monitor connected), the attack surface is somewhat limited but still relevant for affected setups.

Mitigation Recommendations

European organizations should prioritize applying the official Linux kernel patch that addresses CVE-2024-36969 to all affected systems running AMD GPUs with DSC support. This patch prevents the division by zero error and stabilizes the amdgpu driver. Organizations should audit their Linux systems to identify those with AMD GPUs and DSC enabled, especially workstations connected to external monitors via Thunderbolt or similar interfaces. Until patched, users should avoid rebooting systems with affected monitors connected to prevent triggering the crash. Monitoring kernel logs for amdgpu driver errors can help detect attempts to exploit or trigger the vulnerability. For critical systems, consider temporarily disabling DSC support in the amdgpu driver if feasible, to mitigate risk until patches are applied. Regularly update Linux kernel versions to incorporate security fixes. Additionally, implement robust backup and recovery procedures to minimize impact from unexpected reboots. Coordination with hardware vendors and IT support teams to validate hardware compatibility with patched kernels is recommended to ensure stability post-update.
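
One way to act on the log-monitoring recommendation above, as an added example that is not part of the original advisory or the kernel patch: it groups decoded stack-frame lines into traces and flags a trace only when it contains both exc_divide_error and a setup_dsc_config frame in the amdgpu module. It assumes the decoded frame format shown in the Description; the timestamps, hostname and the second trace in the sample are constructed.

```python
import re

# Decoded frame as in the Description: "kernel: [? ]func (file:line ...) [module]"
FRAME_RE = re.compile(r"kernel: (?:\? )?(?P<func>\w+) \((?P<loc>.*)\)(?: (?P<module>\w+))?$")

# Constructed sample: the first four frames are copied from the advisory's trace;
# timestamps, hostname and the unrelated second trace are made up.
SAMPLE_LOG = """\
Jan 01 00:00:01 host kernel: ? do_trap (arch/x86/kernel/traps.c:113 arch/x86/kernel/traps.c:154)
Jan 01 00:00:01 host kernel: ? setup_dsc_config (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dc_dsc.c:1053) amdgpu
Jan 01 00:00:01 host kernel: ? exc_divide_error (arch/x86/kernel/traps.c:194 (discriminator 2))
Jan 01 00:00:01 host kernel: dc_dsc_compute_config (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dc_dsc.c:1109) amdgpu
Jan 01 00:00:02 host kernel: example: unrelated message
Jan 01 00:00:03 host kernel: ? exc_divide_error (arch/x86/kernel/traps.c:194 (discriminator 2))
Jan 01 00:00:03 host kernel: example_fn (drivers/example/example.c:10) example_mod
""".splitlines()

def split_traces(lines):
    """Group consecutive stack-frame lines; any other line ends the current trace."""
    traces, current = [], []
    for line in lines:
        m = FRAME_RE.search(line.strip())
        if m:
            current.append(m.groupdict())
        elif current:
            traces.append(current)
            current = []
    if current:
        traces.append(current)
    return traces

def is_dsc_divide_crash(trace):
    """True only if the divide-error handler and amdgpu's setup_dsc_config share a trace."""
    has_divide = any(f["func"] == "exc_divide_error" for f in trace)
    has_dsc = any(f["func"] == "setup_dsc_config" and f["module"] == "amdgpu"
                  for f in trace)
    return has_divide and has_dsc

def find_dsc_divide_crashes(lines):
    """Return one finding per matching trace, with the faulting source location."""
    hits = []
    for trace in split_traces(lines):
        if is_dsc_divide_crash(trace):
            loc = next(f["loc"] for f in trace if f["func"] == "setup_dsc_config")
            hits.append({"location": loc, "frames": len(trace)})
    return hits
```

Requiring both frames in the same trace keeps a divide error in some other driver, or an unrelated amdgpu message, from raising this alert.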

Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2024-05-30T15:25:07.081Z
Cisa Enriched: true
Cvss Version: null
State: PUBLISHED

Threat ID: 682d9829c4522896dcbe2836

Added to database: 5/21/2025, 9:08:57 AM

Last enriched: 6/29/2025, 10:54:30 AM

Last updated: 8/7/2025, 6:48:34 AM
