PT-2024-37005 · Linux · Linux Kernel

Published: 2024-12-28 · Updated: 2025-01-01 · CVE-2024-56695

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: The issue concerns the kfd_get_cu_occupancy() function, which previously declared a large cu_occupancy array as a local variable. This could lead to stack overflows due to excessive stack usage, particularly in scenarios where AMDGPU_MAX_QUEUES is large. The vulnerability has been resolved by replacing the static array allocation with dynamic memory allocation using kcalloc(), which reduces the function's stack usage and avoids the risk of stack overflows in kernel space. The allocated memory is freed with kfree() before the function returns to prevent memory leaks.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
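
The change described above, sketched as an added example (not code from the kernel or from this advisory): the per-queue table as a local array beside its heap-allocated form, including the allocation-failure path the fix introduces. It is a userspace model in which calloc/free stand in for kcalloc/kfree; the struct, the function names and the MAX_QUEUES value of 128 are assumptions.

```c
/* Added illustration, not the kernel patch. calloc/free stand in for
 * kcalloc/kfree; every name and the MAX_QUEUES value are hypothetical. */
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#define MAX_QUEUES 128 /* assumed; stands in for AMDGPU_MAX_QUEUES */

struct cu_occ { uint32_t wave_cnt; uint32_t doorbell_off; };
typedef void *(*alloc_fn)(size_t n, size_t size);

/* Fills each queue slot with constructed sample data and sums it. */
static uint32_t fill_and_sum(struct cu_occ *occ, size_t n)
{
    uint32_t total = 0;
    for (size_t i = 0; i < n; i++) {
        occ[i].wave_cnt = (uint32_t)(i % 3);
        total += occ[i].wave_cnt;
    }
    return total;
}

/* Before: the table is a local, so each call adds sizeof(occ) to the frame. */
int occupancy_on_stack(uint32_t *total)
{
    struct cu_occ occ[MAX_QUEUES] = {0};
    *total = fill_and_sum(occ, MAX_QUEUES);
    return 0;
}

/* After: the frame holds one pointer; the table is zeroed heap memory. */
int occupancy_on_heap(uint32_t *total, alloc_fn alloc)
{
    struct cu_occ *occ = alloc(MAX_QUEUES, sizeof(*occ)); /* kernel: kcalloc() */
    if (!occ)
        return -ENOMEM; /* new failure path the caller must handle */
    *total = fill_and_sum(occ, MAX_QUEUES);
    free(occ); /* kernel: kfree(), needed on every exit path */
    return 0;
}

void *failing_alloc(size_t n, size_t size) { (void)n; (void)size; return NULL; }
size_t table_bytes(void) { return sizeof(struct cu_occ[MAX_QUEUES]); }

int main(void)
{
    uint32_t t = 0;
    int rc = occupancy_on_heap(&t, calloc);
    printf("rc=%d waves=%u table=%zu bytes\n", rc, (unsigned)t, table_bytes());
    return rc ? 1 : 0;
}
```

Passing failing_alloc as the allocator exercises the -ENOMEM return, which has no counterpart in the stack-array version and leaves the caller's total untouched.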

Exploit

Memory Corruption

Weakness Enumeration

Related Identifiers

CVE-2024-56695

Affected Products

Linux Kernel