In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: Fix potential out-of-bounds access in
‘amdgpu_discovery_reg_base_init()’ The issue arises when the array
‘adev->vcn.vcn_config’ is accessed before checking if the index
‘adev->vcn.num_vcn_inst’ is within the bounds of the array. The fix
involves moving the bounds check before the array access. This ensures that
‘adev->vcn.num_vcn_inst’ is within the bounds of the array before it is
used as an index. Fixes the below:
drivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c:1289
amdgpu_discovery_reg_base_init() error: testing array offset
‘adev->vcn.num_vcn_inst’ after use.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 14.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 16.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < any | UNKNOWN |
git.kernel.org/linus/cdb637d339572398821204a1142d8d615668f1e9 (6.9-rc1)
git.kernel.org/stable/c/8db10cee51e3e11a6658742465edc21986cf1e8d
git.kernel.org/stable/c/8f3e68c6a3fff53c2240762a47a0045d89371775
git.kernel.org/stable/c/b33d4af102b9c1f7a83d3f0ad3cab7d2bab8f058
git.kernel.org/stable/c/cdb637d339572398821204a1142d8d615668f1e9
launchpad.net/bugs/cve/CVE-2024-27042
nvd.nist.gov/vuln/detail/CVE-2024-27042
security-tracker.debian.org/tracker/CVE-2024-27042
www.cve.org/CVERecord?id=CVE-2024-27042