CVE-2024-26797

2024-04-0409:15:08

416baaa9-dc9f-4396-8d5f-8c081fb06d67

web.nvd.nist.gov

linux kernel

buffer overflow

drm/amd/display

vulnerability

map_hw_resources

7.3 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Prevent potential buffer overflow in map_hw_resources

Adds a check in the map_hw_resources function to prevent a potential
buffer overflow. The function was accessing arrays using an index that
could potentially be greater than the size of the arrays, leading to a
buffer overflow.

Adds a check to ensure that the index is within the bounds of the
arrays. If the index is out of bounds, an error message is printed and
break it will continue execution with just ignoring extra data early to
prevent the buffer overflow.

Reported by smatch:
drivers/gpu/drm/amd/amdgpu/…/display/dc/dml2/dml2_wrapper.c:79 map_hw_resources() error: buffer overflow ‘dml2->v20.scratch.dml_to_dc_pipe_mapping.disp_cfg_to_stream_id’ 6 <= 7
drivers/gpu/drm/amd/amdgpu/…/display/dc/dml2/dml2_wrapper.c:81 map_hw_resources() error: buffer overflow ‘dml2->v20.scratch.dml_to_dc_pipe_mapping.disp_cfg_to_plane_id’ 6 <= 7

Affected configurations

Vulners

Node

linuxlinux_kernelRange6.7–6.7.9

linuxlinux_kernelRange6.8.0≥

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/gpu/drm/amd/display/dc/dml2/dml2_wrapper.c"
    ],
    "versions": [
      {
        "version": "7966f319c66d",
        "lessThan": "50a6302cf881",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "7966f319c66d",
        "lessThan": "0f8ca019544a",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/gpu/drm/amd/display/dc/dml2/dml2_wrapper.c"
    ],
    "versions": [
      {
        "version": "6.7",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "6.7",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.7.9",
        "lessThanOrEqual": "6.7.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.8",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]