CVE-2024-56697 – “AMDGPU Linux Kernel Memory Allocation Vulnerability”

CVE ID : CVE-2024-56697

Published : Dec. 28, 2024, 10:15 a.m. | 1 hour, 2 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: Fix the memory allocation issue in amdgpu_discovery_get_nps_info()

Fix two issues with memory allocation in amdgpu_discovery_get_nps_info()
for mem_ranges:

– Add a check for allocation failure to avoid dereferencing a null
pointer.

– As suggested by Christophe, use kvcalloc() for memory allocation,
which checks for multiplication overflow.

Additionally, assign the output parameters nps_type and range_cnt after
the kvcalloc() call to prevent modifying the output parameters in case
of an error return.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-56697 – “AMDGPU Linux Kernel Memory Allocation Vulnerability”