CVE-2024-26914
HIGHDescription
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix incorrect mpc_combine array size [why] MAX_SURFACES is per stream, while MAX_PLANES is per asic. The mpc_combine is an array that records all the planes per asic. Therefore MAX_PLANES should be used as the array size. Using MAX_SURFACES causes array overflow when there are more than 3 planes. [how] Use the MAX_PLANES for the mpc_combine array size.
How to fix
Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.
CVSS v3 Vector
Exploitability
Impact
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploit Intelligence
Low risk: more likely to be exploited than 12% of all known CVEs.
References
Related Vulnerabilities
Other CWE-129 vulnerabilities, ordered by exploit likelihood. View all
| CVE | Severity | CVSS | EPSS | Exploited | Fix |
|---|---|---|---|---|---|
| CVE-2021-35592 | Medium | 6.3 | 51% | - | Fix |
| CVE-2021-35598 | Medium | 6.3 | 50% | - | Fix |
| CVE-2021-35594 | Medium | 6.3 | 50% | - | Fix |
| CVE-2022-35737 | High | 7.5 | 19% | - | Fix |
| CVE-2014-6317 | High | 7.1 | 18% | - | - |
| CVE-2023-40477 | High | 7.8 | 13% | - | Fix |
Embed a live status badge for CVE-2024-26914
Markdown
[](https://tridentstack.com/cve/CVE-2024-26914)HTML
<a href="https://tridentstack.com/cve/CVE-2024-26914"><img src="https://tridentstack.com/cve/badge/CVE-2024-26914.svg" alt="CVE-2024-26914"></a>Find and fix vulnerabilities across your fleet
TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.
Start freeThis product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-11-25.