Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential index out of bounds in color transformation function Fixes index out of bounds issue in the color transformation function. The issue could occur when the index 'i' exceeds the number of transfer function points (TRANSFER_FUNC_POINTS). The fix adds a check to ensure 'i' is within bounds before accessing the transfer function points. If 'i' is out of bounds, an error message is logged and the function returns false to indicate an error. Reported by smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:405 cm_helper_translate_curve_to_hw_format() error: buffer overflow 'output_tf->tf_pts.red' 1025 <= s32max drivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:406 cm_helper_translate_curve_to_hw_format() error: buffer overflow 'output_tf->tf_pts.green' 1025 <= s32max drivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:407 cm_helper_translate_curve_to_hw_format() error: buffer overflow 'output_tf->tf_pts.blue' 1025 <= s32max
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 4.16, < 4.19.316 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/04bc4d1090c343025d69149ca669a27c5b9c34a7Patch
- https://git.kernel.org/stable/c/123edbae64f4d21984359b99c6e79fcde31c6123Patch
- https://git.kernel.org/stable/c/4e8c8b37ee84b3b19c448d2b8e4c916d2f5b9c86Patch
- https://git.kernel.org/stable/c/604c506ca43fce52bb882cff9c1fdf2ec3b4029cPatch
- https://git.kernel.org/stable/c/63ae548f1054a0b71678d0349c7dc9628ddd42caPatch
- https://git.kernel.org/stable/c/7226ddf3311c5e5a7726ad7d4e7b079bb3cfbb29Patch
- https://git.kernel.org/stable/c/98b8a6bfd30d07a19cfacdf82b50f84bf3360869Patch
- https://git.kernel.org/stable/c/ced9c4e2289a786b8fa684d8893b7045ea53ef7ePatch
- https://git.kernel.org/stable/c/e280ab978c81443103d7c61bdd1d8d708cf6ed6dPatch
- https://git.kernel.org/stable/c/04bc4d1090c343025d69149ca669a27c5b9c34a7Patch
- https://git.kernel.org/stable/c/123edbae64f4d21984359b99c6e79fcde31c6123Patch
- https://git.kernel.org/stable/c/4e8c8b37ee84b3b19c448d2b8e4c916d2f5b9c86Patch
- https://git.kernel.org/stable/c/604c506ca43fce52bb882cff9c1fdf2ec3b4029cPatch
- https://git.kernel.org/stable/c/63ae548f1054a0b71678d0349c7dc9628ddd42caPatch
- https://git.kernel.org/stable/c/7226ddf3311c5e5a7726ad7d4e7b079bb3cfbb29Patch
FAQ
What is CVE-2024-38552?
CVE-2024-38552 is a vulnerability with a CVSS score of 7.8 (HIGH). In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential index out of bounds in color transformation function Fixes index out of bounds issue in the color t...
How severe is CVE-2024-38552?
CVE-2024-38552 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-38552?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.