7.8

CVE-2024-44977

drm/amdgpu: Validate TA binary size

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: Validate TA binary size

Add TA binary size validation to avoid OOB write.

(cherry picked from commit c0a04e3570d72aaf090962156ad085e37c62e442)
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
DebianDebian Linux Version11.0
LinuxLinux Kernel Version >= 5.19 < 6.1.107
LinuxLinux Kernel Version > 6.2 < 6.6.48
LinuxLinux Kernel Version > 6.7 < 6.10.7
LinuxLinux Kernel Version6.11 Updaterc1
LinuxLinux Kernel Version6.11 Updaterc2
LinuxLinux Kernel Version6.11 Updaterc3
LinuxLinux Kernel Version6.11 Updaterc4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.164
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/50553ea7cbd3344fbf40afb065f6a2d38171c1ad
Patch
https://git.kernel.org/stable/c/5ab8793b9a6cc059f503cbe6fe596f80765e0f19
Patch
https://git.kernel.org/stable/c/c99769bceab4ecb6a067b9af11f9db281eea3e2a
Patch
https://git.kernel.org/stable/c/e562415248f402203e7fb6d8c38c1b32fa99220f
Patch
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
Third Party Advisory
Mailing List