CVE-2022-48979

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: fix array index out of bound error in DCN32 DML

[Why&How] LinkCapacitySupport array is indexed with the number of voltage states and not the number of max DPPs. Fix the error by changing the array declaration to use the correct (larger) array size of total number of voltage states.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < 3d8a298b2e83b98042e6ec726e934f535b23e6aaaffected
LinuxLinux4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < aeffc8fb2174f017a10df114bc312f899904dc68affected
LinuxLinux4.15affected
LinuxLinux0 < 4.15unaffected
LinuxLinux6.0.13 <= 6.0.*unaffected
LinuxLinux6.1 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References