CVE-2024-52557

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm: zynqmp_dp: Fix integer overflow in zynqmp_dp_rate_get()

This patch fixes a potential integer overflow in the zynqmp_dp_rate_get()

The issue comes up when the expression drm_dp_bw_code_to_link_rate(dp->test.bw_code) * 10000 is evaluated using 32-bit Now the constant is a compatible 64-bit type.

Resolves coverity issues: CID 1636340 and CID 1635811

Affected Software

VendorProductVersion RangeStatus
LinuxLinux28edaacb821c69241f6c0be6bbd29f7145f1b44f < 325d889c5403ba20a24097f64c32d27ab993c2c3affected
LinuxLinux28edaacb821c69241f6c0be6bbd29f7145f1b44f < 67a615c5cb6dc33ed35492dc0d67e496cbe8de68affected
LinuxLinux6.13affected
LinuxLinux0 < 6.13unaffected
LinuxLinux6.13.4 <= 6.13.*unaffected
LinuxLinux6.14 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References