Security Vulnerabilities - CVEs Published In September 2024
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box
[Why]
Coverity reports OVERRUN warning. soc.num_states could
be 40. But array range of bw_params->clk_table.entries is 8.
[How]
Assert if soc.num_states greater than 8.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-09-27
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration
[Why]
Coverity reports Memory - illegal accesses.
[How]
Skip inactive planes.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-09-27
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Check link_index before accessing dc->links[]
[WHY & HOW]
dc->links[] has max size of MAX_LINKS and NULL is return when trying to
access with out-of-bound index.
This fixes 3 OVERRUN and 1 RESOURCE_LEAK issues reported by Coverity.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-09-27
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Check msg_id before processing transcation
[WHY & HOW]
HDCP_MESSAGE_ID_INVALID (-1) is not a valid msg_id nor is it a valid
array index, and it needs checking before used.
This fixes 4 OVERRUN issues reported by Coverity.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-09-27
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[]
[WHY & HOW]
num_valid_sets needs to be checked to avoid a negative index when
accessing reader_wm_sets[num_valid_sets - 1].
This fixes an OVERRUN issue reported by Coverity.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-09-27
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links
[Why]
Coverity report OVERRUN warning. There are
only max_links elements within dc->links. link
count could up to AMDGPU_DM_MAX_DISPLAY_INDEX 31.
[How]
Make sure link count less than max_links.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-09-27
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6
[Why]
Coverity reports OVERRUN warning. Should abort amdgpu_dm
initialize.
[How]
Return failure to amdgpu_dm_init.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-09-27
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Check gpio_id before used as array index
[WHY & HOW]
GPIO_ID_UNKNOWN (-1) is not a valid value for array index and therefore
should be checked in advance.
This fixes 5 OVERRUN issues reported by Coverity.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-09-27
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: the warning dereferencing obj for nbio_v7_4
if ras_manager obj null, don't print NBIO err data
CVSS Score
5.5
EPSS Score
0.0
Published
2024-09-27
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu/vcn: remove irq disabling in vcn 5 suspend
We do not directly enable/disable VCN IRQ in vcn 5.0.0.
And we do not handle the IRQ state as well. So the calls to
disable IRQ and set state are removed. This effectively gets
rid of the warining of
"WARN_ON(!amdgpu_irq_enabled(adev, src, type))"
in amdgpu_irq_put().
CVSS Score
7.8
EPSS Score
0.0
Published
2024-09-27