CVE-2024-26797

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-26797
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-26797.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-26797
Downstream
Published
2024-04-04T08:20:26Z
Modified
2025-10-15T08:23:54.916884Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
drm/amd/display: Prevent potential buffer overflow in map_hw_resources
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Prevent potential buffer overflow in maphwresources

Adds a check in the maphwresources function to prevent a potential buffer overflow. The function was accessing arrays using an index that could potentially be greater than the size of the arrays, leading to a buffer overflow.

Adds a check to ensure that the index is within the bounds of the arrays. If the index is out of bounds, an error message is printed and break it will continue execution with just ignoring extra data early to prevent the buffer overflow.

Reported by smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/dml2/dml2wrapper.c:79 maphwresources() error: buffer overflow 'dml2->v20.scratch.dmltodcpipemapping.dispcfgtostreamid' 6 <= 7 drivers/gpu/drm/amd/amdgpu/../display/dc/dml2/dml2wrapper.c:81 maphwresources() error: buffer overflow 'dml2->v20.scratch.dmltodcpipemapping.dispcfgtoplaneid' 6 <= 7

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
7966f319c66d9468623c6a6a017ecbc0dd79be75
Fixed
50a6302cf881f67f1410461a68fe9eabd00ff31d
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
7966f319c66d9468623c6a6a017ecbc0dd79be75
Fixed
0f8ca019544a252d1afb468ce840c6dcbac73af4

Affected versions

v6.*

v6.5
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.7.1
v6.7.2
v6.7.3
v6.7.4
v6.7.5
v6.7.6
v6.7.7
v6.7.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6

Database specific 

{
    "vanir_signatures": [
        {
            "id": "CVE-2024-26797-99af1896",
            "signature_type": "Function",
            "target": {
                "file": "drivers/gpu/drm/amd/display/dc/dml2/dml2_wrapper.c",
                "function": "map_hw_resources"
            },
            "deprecated": false,
            "digest": {
                "length": 1265.0,
                "function_hash": "330541912608213846013534812524136582766"
            },
            "signature_version": "v1",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@50a6302cf881f67f1410461a68fe9eabd00ff31d"
        },
        {
            "id": "CVE-2024-26797-9bec6e14",
            "signature_type": "Line",
            "target": {
                "file": "drivers/gpu/drm/amd/display/dc/dml2/dml2_wrapper.c"
            },
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "312048367246531523277169068400342514935",
                    "37896577273909636136988044963606220635",
                    "186020294037269306280411900856462895955",
                    "204721727797005630825535252687892459747"
                ],
                "threshold": 0.9
            },
            "signature_version": "v1",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@50a6302cf881f67f1410461a68fe9eabd00ff31d"
        },
        {
            "id": "CVE-2024-26797-d422944b",
            "signature_type": "Line",
            "target": {
                "file": "drivers/gpu/drm/amd/display/dc/dml2/dml2_wrapper.c"
            },
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "312048367246531523277169068400342514935",
                    "37896577273909636136988044963606220635",
                    "186020294037269306280411900856462895955",
                    "204721727797005630825535252687892459747"
                ],
                "threshold": 0.9
            },
            "signature_version": "v1",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0f8ca019544a252d1afb468ce840c6dcbac73af4"
        },
        {
            "id": "CVE-2024-26797-d5b4040f",
            "signature_type": "Function",
            "target": {
                "file": "drivers/gpu/drm/amd/display/dc/dml2/dml2_wrapper.c",
                "function": "map_hw_resources"
            },
            "deprecated": false,
            "digest": {
                "length": 1265.0,
                "function_hash": "330541912608213846013534812524136582766"
            },
            "signature_version": "v1",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0f8ca019544a252d1afb468ce840c6dcbac73af4"
        }
    ]
}

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.7.9

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
7966f319c66d
Fixed
50a6302cf881
Type
ECOSYSTEM
Events
Introduced
7966f319c66d
Fixed
0f8ca019544a
Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Last affected
6.7