CVE-2023-54150

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/amd: Fix an out of bounds error in BIOS parser

The array is hardcoded to 8 in atomfirmware.h, but firmware provides a bigger one sometimes. Deferencing the larger array causes an out of bounds error.

commit 4fc1ba4aa589 ("drm/amd/display: fix array index out of bound error in bios parser") fixed some of this, but there are two other cases not covered by it. Fix those as well.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxae79c310b1a6f97429a5784b65f125d9cc9c95b1 < b8e7589f50b709b647b642531599e70707faf70caffected
LinuxLinuxae79c310b1a6f97429a5784b65f125d9cc9c95b1 < 66acfe798cd08b36cfbb65a30fab3159811304a7affected
LinuxLinuxae79c310b1a6f97429a5784b65f125d9cc9c95b1 < 5675ecd2e0b00a4318ba1db1a1234e7d45b13d6baffected
LinuxLinuxae79c310b1a6f97429a5784b65f125d9cc9c95b1 < dea2dbec716c38a0b73b6ad01d91e2b120cc5f1eaffected
LinuxLinuxae79c310b1a6f97429a5784b65f125d9cc9c95b1 < d116db180decec1b21bba31d2ff495ac4d8e1b83affected
LinuxLinux4.15affected
LinuxLinux0 < 4.15unaffected
LinuxLinux5.10.181 <= 5.10.*unaffected
LinuxLinux5.15.113 <= 5.15.*unaffected
LinuxLinux6.1.30 <= 6.1.*unaffected
LinuxLinux6.3.4 <= 6.3.*unaffected
LinuxLinux6.4 <= *unaffected

Weaknesses

References