CVE-2024-26817

Summary

In the Linux kernel, the following vulnerability has been resolved:

amdkfd: use calloc instead of kzalloc to avoid integer overflow

This uses calloc instead of doing the multiplication which might overflow.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux4a488a7ad71401169cecee75dc94bcce642e2c53 < e6721ea845fcb93a764a92bd40f1afc0d6c69751affected
LinuxLinux4a488a7ad71401169cecee75dc94bcce642e2c53 < 8b0564704255c6b3c6a7188e86939f754e1577c0affected
LinuxLinux4a488a7ad71401169cecee75dc94bcce642e2c53 < fcbd99b3c73309107e3be71f20dff9414df64f91affected
LinuxLinux4a488a7ad71401169cecee75dc94bcce642e2c53 < cbac7de1d9901521e78cdc34e15451df3611f2adaffected
LinuxLinux4a488a7ad71401169cecee75dc94bcce642e2c53 < e6768c6737f4c02cba193a3339f0cc2907f0b86aaffected
LinuxLinux4a488a7ad71401169cecee75dc94bcce642e2c53 < 315eb3c2df7e4cb18e3eacfa18a53a46f2bf0ef7affected
LinuxLinux4a488a7ad71401169cecee75dc94bcce642e2c53 < 0c33d11153949310d76631d8f4a4736519eacd3aaffected
LinuxLinux4a488a7ad71401169cecee75dc94bcce642e2c53 < 3b0daecfeac0103aba8b293df07a0cbaf8b43f29affected
LinuxLinux3.19affected
LinuxLinux0 < 3.19unaffected
LinuxLinux4.19.312 <= 4.19.*unaffected
LinuxLinux5.4.274 <= 5.4.*unaffected
LinuxLinux5.10.215 <= 5.10.*unaffected
LinuxLinux5.15.155 <= 5.15.*unaffected
LinuxLinux6.1.86 <= 6.1.*unaffected
LinuxLinux6.6.27 <= 6.6.*unaffected
LinuxLinux6.8.6 <= 6.8.*unaffected
LinuxLinux6.9 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References