We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)
Ok

THREATINT
PUBLISHED

CVE-2024-27008

drm: nv04: Fix out of bounds access

Reserved:2024-02-19
Published:2024-05-01
Updated:2024-05-13

Description

In the Linux kernel, the following vulnerability has been resolved: drm: nv04: Fix out of bounds access When Output Resource (dcb->or) value is assigned in fabricate_dcb_output(), there may be out of bounds access to dac_users array in case dcb->or is zero because ffs(dcb->or) is used as index there. The 'or' argument of fabricate_dcb_output() must be interpreted as a number of bit to set, not value. Utilize macros from 'enum nouveau_or' in calls instead of hardcoding. Found by Linux Verification Center (linuxtesting.org) with SVACE.

Product status

Default status
unaffected

2e5702aff395 before c2b97f26f081
affected

2e5702aff395 before 5050ae879a82
affected

2e5702aff395 before 097c7918fcfa
affected

2e5702aff395 before df0991da7db8
affected

2e5702aff395 before 5fd4b090304e
affected

2e5702aff395 before 6690cc2732e2
affected

2e5702aff395 before 26212da39ee1
affected

2e5702aff395 before cf92bb778eda
affected

Default status
affected

2.6.38
affected

Any version before 2.6.38
unaffected

4.19.313
unaffected

5.4.275
unaffected

5.10.216
unaffected

5.15.157
unaffected

6.1.88
unaffected

6.6.29
unaffected

6.8.8
unaffected

6.9
unaffected

References

https://git.kernel.org/stable/c/c2b97f26f081ceec3298151481687071075a25cb

https://git.kernel.org/stable/c/5050ae879a828d752b439e3827aac126709da6d1

https://git.kernel.org/stable/c/097c7918fcfa1dee233acfd1f3029f00c3bc8062

https://git.kernel.org/stable/c/df0991da7db846f7fa4ec6740350f743d3b69b04

https://git.kernel.org/stable/c/5fd4b090304e450aa0e7cc9cc2b4873285c6face

https://git.kernel.org/stable/c/6690cc2732e2a8d0eaca44dcbac032a4b0148042

https://git.kernel.org/stable/c/26212da39ee14a52c76a202c6ae5153a84f579a5

https://git.kernel.org/stable/c/cf92bb778eda7830e79452c6917efa8474a30c1e

cve.org CVE-2024-27008

nvd.nist.gov CVE-2024-27008

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-27008