Re: CVE-2024-39471: drm/amdgpu: add error handle to avoid out-of-bounds

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



(Mail V2: Send to correct mailing list and CCing relevant people.)

On Tue, 25 Jun 2024 16:29:04 +0200, Greg Kroah-Hartman wrote:
> In the Linux kernel, the following vulnerability has been resolved:
> 
> drm/amdgpu: add error handle to avoid out-of-bounds
> 
> if the sdma_v4_0_irq_id_to_seq return -EINVAL, the process should
> be stop to avoid out-of-bounds read, so directly return -EINVAL.
> 
> The Linux kernel CVE team has assigned CVE-2024-39471 to this issue.

This commit has a bug which was fixed by 6769a23697f1. It should be
immediately backported, otherwise this "fix" doesn't do anything since
gcc will optimise out the check.

Thanks,
Siddh

Attachment: signature.asc
Description: This is a digitally signed message part


[Index of Archives]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux