CVE-2024-52557
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
drm: zynqmp_dp: Fix integer overflow in zynqmp_dp_rate_get()
This patch fixes a potential integer overflow in the zynqmp_dp_rate_get()
The issue comes up when the expression drm_dp_bw_code_to_link_rate(dp->test.bw_code) * 10000 is evaluated using 32-bit Now the constant is a compatible 64-bit type.
Resolves coverity issues: CID 1636340 and CID 1635811
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 28edaacb821c69241f6c0be6bbd29f7145f1b44f < 325d889c5403ba20a24097f64c32d27ab993c2c3 | affected |
| Linux | Linux | 28edaacb821c69241f6c0be6bbd29f7145f1b44f < 67a615c5cb6dc33ed35492dc0d67e496cbe8de68 | affected |
| Linux | Linux | 6.13 | affected |
| Linux | Linux | 0 < 6.13 | unaffected |
| Linux | Linux | 6.13.4 <= 6.13.* | unaffected |
| Linux | Linux | 6.14 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/325d889c5403ba20a24097f64c32d27ab993c2c3
- https://git.kernel.org/stable/c/67a615c5cb6dc33ed35492dc0d67e496cbe8de68
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.