In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Check link_index before accessing dc->links[]
[WHY & HOW] dc->links[] has max size of MAX_LINKS and NULL is return when trying to access with out-of-bound index.
This fixes 3 OVERRUN and 1 RESOURCE_LEAK issues reported by Coverity.
{ "vanir_signatures": [ { "deprecated": false, "signature_type": "Function", "target": { "file": "drivers/gpu/drm/amd/display/dc/core/dc_link_exports.c", "function": "dc_get_link_at_index" }, "id": "CVE-2024-46813-57817108", "digest": { "length": 86.0, "function_hash": "126584303890578111013156265166390251939" }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ac04759b4a002969cf0f1384f1b8bb2001cfa782" }, { "deprecated": false, "signature_type": "Line", "target": { "file": "drivers/gpu/drm/amd/display/dc/core/dc_link_exports.c" }, "id": "CVE-2024-46813-9519b474", "digest": { "line_hashes": [ "317836096072629648374039322850782997315", "107129004469098504756722321988145889641", "3327019381130303693167087493996306920", "74468451762190726696731175274537084650" ], "threshold": 0.9 }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ac04759b4a002969cf0f1384f1b8bb2001cfa782" } ] }