AZL-62803

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-62803.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-62803

Upstream

CVE-2024-26914

Published

2024-04-17T16:15:08Z

Modified

2026-04-21T04:32:06.885870Z

Summary

CVE-2024-26914 affecting package kernel 6.6.126.1-1

Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: fix incorrect mpc_combine array size

[why] MAXSURFACES is per stream, while MAXPLANES is per asic. The mpccombine is an array that records all the planes per asic. Therefore MAXPLANES should be used as the array size. Using MAX_SURFACES causes array overflow when there are more than 3 planes.

[how] Use the MAXPLANES for the mpccombine array size.

References

https://nvd.nist.gov/vuln/detail/CVE-2024-26914

Affected packages

Azure Linux:3 / kernel

Package

Name: kernel
Purl: pkg:rpm/azure-linux/kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

6.6.126.1-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-62803.json"