blob: 0105f00e5e20648f99ddb5bd056cca89f2b4ebf7 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
|
Description: drm/amdgpu: fix out of bounds write
References:
https://lists.freedesktop.org/archives/amd-gfx/2021-October/070170.html
https://cgit.freedesktop.org/drm/drm/commit/?id=f23750b5b3d98653b31d4469592935ef6364ad67
Notes:
bwh> Introduced in 5.10 by commit 918698d5c2b5 "drm/amd/display: Return the
bwh> number of bytes parsed than allocated". This actually introduced the
bwh> same bug in many debugfs write operations in the same source file.
bwh> One of these is fixed in drm-next, so should be in upstream 5.16-rc1.
carnil> Not directly covered by CVE-2021-42327, but 3f4e54bd312d
carnil> ("drm/amdgpu: Fix even more out of bound writes from debugfs")
carnil> should then be applied as well.
carnil> Fixed as well in 5.14.16 for the 5.14.y series.
Bugs:
upstream: released (5.15) [5afa7898ab7a0ec9c28556a91df714bf3c2f725e]
5.10-upstream-stable: released (5.10.77) [eb3b6805e3e9d98b2507201fd061a231988ce623]
4.19-upstream-stable: N/A "Vulnerability introduced later"
4.9-upstream-stable: N/A "Vulnerability introduced later"
sid: released (5.14.16-1)
5.10-bullseye-security: released (5.10.84-1)
4.19-buster-security: N/A "Vulnerability introduced later"
4.9-stretch-security: N/A "Vulnerability introduced later"
|
