7.8

CVE-2023-53077

drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes

[WHY]
When PTEBufferSizeInRequests is zero, UBSAN reports the following
warning because dml_log2 returns an unexpected negative value:

  shift exponent 4294966273 is too large for 32-bit type 'int'

[HOW]

In the case PTEBufferSizeInRequests is zero, skip the dml_log2() and
assign the result directly.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.9 < 5.10.176
LinuxLinux Kernel Version >= 5.11 < 5.15.104
LinuxLinux Kernel Version >= 5.16 < 6.1.21
LinuxLinux Kernel Version >= 6.2 < 6.2.8
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.17% 0.071
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/7257070be70e19a9138f39009c1a26c83a8a7cfa
Patch
https://git.kernel.org/stable/c/bec1bea2fa974e63f6059c33edde669c7894d0bc
Patch
https://git.kernel.org/stable/c/a16394b5d661afec9a264fecac3abd87aea439ea
Patch
https://git.kernel.org/stable/c/e12b95680821b9880cd9992c0f3555389363604f
Patch
https://git.kernel.org/stable/c/031f196d1b1b6d5dfcb0533b431e3ab1750e6189
Patch