CVE-2024-56695
- Source
- https://cve.org/CVERecord?id=CVE-2024-56695
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-56695.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-56695
- Downstream
- Published
- 2024-12-28T09:46:19.468Z
- Modified
- 2026-04-02T12:25:08.115651Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- drm/amdkfd: Use dynamic allocation for CU occupancy array in 'kfd_get_cu_occupancy()'
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
drm/amdkfd: Use dynamic allocation for CU occupancy array in 'kfdgetcu_occupancy()'
The
kfd_get_cu_occupancyfunction previously declared a largecu_occupancyarray as a local variable, which could lead to stack overflows due to excessive stack usage. This commit replaces the static array allocation with dynamic memory allocation usingkcalloc, thereby reducing the stack size.This change avoids the risk of stack overflows in kernel space, in scenarios where
AMDGPU_MAX_QUEUESis large. The allocated memory is freed usingkfreebefore the function returns to prevent memory leaks.Fixes the below with gcc W=1: drivers/gpu/drm/amd/amdgpu/../amdkfd/kfdprocess.c: In function ‘kfdgetcuoccupancy’: drivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_process.c:322:1: warning: the frame size of 1056 bytes is larger than 1024 bytes [-Wframe-larger-than=] 322 | } | ^
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56695.json" }- References
-
- https://git.kernel.org/stable/c/6d9f07196389f35a3afebcf1a12c1425725caddd
- https://git.kernel.org/stable/c/922f0e00017b09d9d47e3efac008c8b20ed546a0
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56695.json
- https://nvd.nist.gov/vuln/detail/CVE-2024-56695
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git