Message-ID: <2651470974c130f8026b4c13e91f37ce67dc69fb.camel@oracle.com>
Date: Wed, 24 Jul 2024 10:24:20 +0000
From: Siddh Raman Pant <siddh.raman.pant@...cle.com>
To: "stable@...r.kernel.org" <stable@...r.kernel.org>
CC: "alexander.deucher@....com" <alexander.deucher@....com>,
"amd-gfx@...ts.freedesktop.org" <amd-gfx@...ts.freedesktop.org>,
"kernel-janitors@...r.kernel.org" <kernel-janitors@...r.kernel.org>,
"dri-devel@...ts.freedesktop.org" <dri-devel@...ts.freedesktop.org>,
"dan.carpenter@...aro.org" <dan.carpenter@...aro.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"bob.zhou@....com" <bob.zhou@....com>
Subject: Re: CVE-2024-39471: drm/amdgpu: add error handle to avoid
out-of-bounds

(Mail V2: Send to correct mailing list and CCing relevant people.)

On Tue, 25 Jun 2024 16:29:04 +0200, Greg Kroah-Hartman wrote:
> In the Linux kernel, the following vulnerability has been resolved:
>
> drm/amdgpu: add error handle to avoid out-of-bounds
>
> If sdma_v4_0_irq_id_to_seq returns -EINVAL, the process should
> be stopped to avoid an out-of-bounds read, so directly return -EINVAL.
>
> The Linux kernel CVE team has assigned CVE-2024-39471 to this issue.

This commit has a bug which was fixed by 6769a23697f1. It should be
immediately backported, otherwise this "fix" doesn't do anything since
gcc will optimise out the check.

Thanks,
Siddh