-

CVE-2023-54150

EPSS 0.04%
Veröffentlicht 24.12.2025 13:07:01
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

drm/amd: Fix an out of bounds error in BIOS parser

In the Linux kernel, the following vulnerability has been resolved:

drm/amd: Fix an out of bounds error in BIOS parser

The array is hardcoded to 8 in atomfirmware.h, but firmware provides
a bigger one sometimes. Deferencing the larger array causes an out
of bounds error.

commit 4fc1ba4aa589 ("drm/amd/display: fix array index out of bound error
in bios parser") fixed some of this, but there are two other cases
not covered by it.  Fix those as well.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 8

CNA 2 VulnDex Vulnerability Enrichment 11

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version ae79c310b1a6f97429a5784b65f125d9cc9c95b1

Version < b8e7589f50b709b647b642531599e70707faf70c

Status affected

Version ae79c310b1a6f97429a5784b65f125d9cc9c95b1

Version < 66acfe798cd08b36cfbb65a30fab3159811304a7

Status affected

Version ae79c310b1a6f97429a5784b65f125d9cc9c95b1

Version < 5675ecd2e0b00a4318ba1db1a1234e7d45b13d6b

Status affected

Version ae79c310b1a6f97429a5784b65f125d9cc9c95b1

Version < dea2dbec716c38a0b73b6ad01d91e2b120cc5f1e

Status affected

Version ae79c310b1a6f97429a5784b65f125d9cc9c95b1

Version < d116db180decec1b21bba31d2ff495ac4d8e1b83

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.15

Status affected

Version 0

Version < 4.15

Status unaffected

Version <= 5.10.*

Version 5.10.181

Status unaffected

Version <= 5.15.*

Version 5.15.113

Status unaffected

Version <= 6.1.*

Version 6.1.30

Status unaffected

Version <= 6.3.*

Version 6.3.4

Status unaffected

Version <= *

Version 6.4

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.101

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/b8e7589f50b709b647b642531599e70707faf70c

https://git.kernel.org/stable/c/66acfe798cd08b36cfbb65a30fab3159811304a7

https://git.kernel.org/stable/c/5675ecd2e0b00a4318ba1db1a1234e7d45b13d6b

https://git.kernel.org/stable/c/dea2dbec716c38a0b73b6ad01d91e2b120cc5f1e

https://git.kernel.org/stable/c/d116db180decec1b21bba31d2ff495ac4d8e1b83

https://nvd.nist.gov/vuln/detail/CVE-2023-54150

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-54150

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-54150

EUVD