blob: a4106dd734d06b7751c026485ce873f7bbedfb37 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
Description: drm/amdgpu: fix out of bounds write
References:
https://lists.freedesktop.org/archives/amd-gfx/2021-October/070170.html
https://cgit.freedesktop.org/drm/drm/commit/?id=f23750b5b3d98653b31d4469592935ef6364ad67
Notes:
bwh> Introduced in 5.10 by commit 918698d5c2b5 "drm/amd/display: Return the
bwh> number of bytes parsed than allocated". This actually introduced the
bwh> same bug in many debugfs write operations in the same source file.
bwh> One of these is fixed in drm-next, so should be in upstream 5.16-rc1.
carnil> Not directly covered by CVE-2021-42327, but 3f4e54bd312d
carnil> ("drm/amdgpu: Fix even more out of bound writes from debugfs")
carnil> should then be applied as well.
Bugs:
upstream: pending [5afa7898ab7a0ec9c28556a91df714bf3c2f725e]
5.10-upstream-stable: needed
4.19-upstream-stable: N/A "Vulnerability introduced later"
4.9-upstream-stable: N/A "Vulnerability introduced later"
sid: needed
5.10-bullseye-security: needed
4.19-buster-security: N/A "Vulnerability introduced later"
4.9-stretch-security: N/A "Vulnerability introduced later"
|
