CVE-2024-56695

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/amdkfd: Use dynamic allocation for CU occupancy array in 'kfd_get_cu_occupancy()'

The kfd_get_cu_occupancy function previously declared a large cu_occupancy array as a local variable, which could lead to stack overflows due to excessive stack usage. This commit replaces the static array allocation with dynamic memory allocation using kcalloc, thereby reducing the stack size.

This change avoids the risk of stack overflows in kernel space, in scenarios where AMDGPU_MAX_QUEUES is large. The allocated memory is freed using kfree before the function returns to prevent memory leaks.

Fixes the below with gcc W=1: drivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_process.c: In function ‘kfd_get_cu_occupancy’: drivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_process.c:322:1: warning: the frame size of 1056 bytes is larger than 1024 bytes [-Wframe-larger-than=] 322 | } | ^

Affected Software

VendorProductVersion RangeStatus
LinuxLinux6ae9e1aba97e4cdaa31a0bfdc07497ad0e915c84 < 6d9f07196389f35a3afebcf1a12c1425725cadddaffected
LinuxLinux6ae9e1aba97e4cdaa31a0bfdc07497ad0e915c84 < 922f0e00017b09d9d47e3efac008c8b20ed546a0affected
LinuxLinux6.12affected
LinuxLinux0 < 6.12unaffected
LinuxLinux6.12.2 <= 6.12.*unaffected
LinuxLinux6.13 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References