CVE-2023-53077
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes
[WHY] When PTEBufferSizeInRequests is zero, UBSAN reports the following warning because dml_log2 returns an unexpected negative value:
shift exponent 4294966273 is too large for 32-bit type 'int'
[HOW]
In the case PTEBufferSizeInRequests is zero, skip the dml_log2() and assign the result directly.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 6725a88f88a7e922e91c45bf83d320487810c192 < 7257070be70e19a9138f39009c1a26c83a8a7cfa | affected |
| Linux | Linux | 6725a88f88a7e922e91c45bf83d320487810c192 < bec1bea2fa974e63f6059c33edde669c7894d0bc | affected |
| Linux | Linux | 6725a88f88a7e922e91c45bf83d320487810c192 < a16394b5d661afec9a264fecac3abd87aea439ea | affected |
| Linux | Linux | 6725a88f88a7e922e91c45bf83d320487810c192 < e12b95680821b9880cd9992c0f3555389363604f | affected |
| Linux | Linux | 6725a88f88a7e922e91c45bf83d320487810c192 < 031f196d1b1b6d5dfcb0533b431e3ab1750e6189 | affected |
| Linux | Linux | 5.9 | affected |
| Linux | Linux | 0 < 5.9 | unaffected |
| Linux | Linux | 5.10.176 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.104 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.21 <= 6.1.* | unaffected |
| Linux | Linux | 6.2.8 <= 6.2.* | unaffected |
| Linux | Linux | 6.3 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/7257070be70e19a9138f39009c1a26c83a8a7cfa
- https://git.kernel.org/stable/c/bec1bea2fa974e63f6059c33edde669c7894d0bc
- https://git.kernel.org/stable/c/a16394b5d661afec9a264fecac3abd87aea439ea
- https://git.kernel.org/stable/c/e12b95680821b9880cd9992c0f3555389363604f
- https://git.kernel.org/stable/c/031f196d1b1b6d5dfcb0533b431e3ab1750e6189
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.