Thelford Williams

#40443 of 53,633
6.7 Total CVSS
Vulnerabilities · 1
PT-2021-23571
6.7
2021-10-21
Amd · Amdgpu · CVE-2021-42327
**Name of the Vulnerable Software and Affected Versions**

Linux kernel versions prior to 5.14.15

**Description**

The issue allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display drivers debug filesystem. `parse_write_buffer_into_params` performs no size check: it passes the caller-supplied size to `copy_from_user` when copying a userspace buffer into a 40-byte heap buffer. This occurs in the `dp_link_settings_write` function in the `amdgpu_dm_debugfs.c` file.

**Recommendations**

For Linux kernel versions prior to 5.14.15, update to version 5.14.15 or later to resolve the issue. As a temporary workaround, consider restricting access to the AMD GPU display drivers debug filesystem to minimize the risk of exploitation.
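
The missing size check described above, modeled in userspace C as an added example (this is not the kernel's code or the upstream patch). The names `model_copy_from_user`, `bounded_copy` and `model_debugfs_write` and the sample inputs are assumptions; only the 40-byte buffer size comes from the description.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define WR_BUF_SIZE 40 /* heap buffer size stated in the description */

/* Userspace stand-in for copy_from_user(): returns bytes NOT copied. */
static size_t model_copy_from_user(void *dst, const void *src, size_t n)
{
    memcpy(dst, src, n);
    return 0;
}

/* Copy step with the check the description says was missing: the
 * destination capacity travels with the pointer and bounds `size`. */
static int bounded_copy(char *wr_buf, size_t wr_buf_size,
                        const char *ubuf, size_t size)
{
    if (!wr_buf || !ubuf || wr_buf_size == 0)
        return -EINVAL;
    if (size >= wr_buf_size) /* keep one byte for the terminator */
        return -EINVAL;
    if (model_copy_from_user(wr_buf, ubuf, size) != 0)
        return -EFAULT;
    wr_buf[size] = '\0';
    return (int)size;
}

/* Model of a debugfs write handler that parses a short parameter string. */
static int model_debugfs_write(const char *ubuf, size_t size)
{
    char *wr_buf = calloc(1, WR_BUF_SIZE);
    int ret;
    if (!wr_buf)
        return -ENOMEM;
    ret = bounded_copy(wr_buf, WR_BUF_SIZE, ubuf, size);
    free(wr_buf);
    return ret;
}

int main(void)
{
    char oversized[64]; /* constructed input, larger than the buffer */
    memset(oversized, 'A', sizeof(oversized));
    printf("short write: %d\n", model_debugfs_write("4 0x14", 6));
    printf("64-byte write: %d\n", model_debugfs_write(oversized, sizeof(oversized)));
    return 0;
}
```

An oversized write is rejected with `-EINVAL` before any copy takes place, so the write length can never exceed the allocation.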