7.8

CVE-2024-27008

drm: nv04: Fix out of bounds access

In the Linux kernel, the following vulnerability has been resolved:

drm: nv04: Fix out of bounds access

When Output Resource (dcb->or) value is assigned in
fabricate_dcb_output(), there may be out of bounds access to
dac_users array in case dcb->or is zero because ffs(dcb->or) is
used as index there.
The 'or' argument of fabricate_dcb_output() must be interpreted as a
number of bit to set, not value.

Utilize macros from 'enum nouveau_or' in calls instead of hardcoding.

Found by Linux Verification Center (linuxtesting.org) with SVACE.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.38 < 4.19.313
LinuxLinux Kernel Version >= 4.20 < 5.4.275
LinuxLinux Kernel Version >= 5.5 < 5.10.216
LinuxLinux Kernel Version >= 5.11 < 5.15.157
LinuxLinux Kernel Version >= 5.16 < 6.1.88
LinuxLinux Kernel Version >= 6.2 < 6.6.29
LinuxLinux Kernel Version >= 6.7 < 6.8.8
LinuxLinux Kernel Version6.9 Updaterc1
LinuxLinux Kernel Version6.9 Updaterc2
LinuxLinux Kernel Version6.9 Updaterc3
LinuxLinux Kernel Version6.9 Updaterc4
DebianDebian Linux Version10.0
FedoraprojectFedora Version38
FedoraprojectFedora Version39
FedoraprojectFedora Version40
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.29% 0.208
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
Third Party Advisory
Mailing List
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
Third Party Advisory
Mailing List
https://git.kernel.org/stable/c/097c7918fcfa1dee233acfd1f3029f00c3bc8062
Patch
Mailing List
https://git.kernel.org/stable/c/26212da39ee14a52c76a202c6ae5153a84f579a5
Patch
Mailing List
https://git.kernel.org/stable/c/5050ae879a828d752b439e3827aac126709da6d1
Patch
Mailing List
https://git.kernel.org/stable/c/5fd4b090304e450aa0e7cc9cc2b4873285c6face
Patch
Mailing List
https://git.kernel.org/stable/c/6690cc2732e2a8d0eaca44dcbac032a4b0148042
Patch
Mailing List
https://git.kernel.org/stable/c/c2b97f26f081ceec3298151481687071075a25cb
Patch
Mailing List
https://git.kernel.org/stable/c/cf92bb778eda7830e79452c6917efa8474a30c1e
Patch
Mailing List
https://git.kernel.org/stable/c/df0991da7db846f7fa4ec6740350f743d3b69b04
Patch
Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EZ6PJW7VOZ224TD7N4JZNU6KV32ZJ53/
Third Party Advisory
Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAMSOZXJEPUOXW33WZYWCVAY7Z5S7OOY/
Third Party Advisory
Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCBZZEC7L7KTWWAS2NLJK6SO3IZIL4WW/
Third Party Advisory
Mailing List