CVE-2024-26797

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The issue is related to a potential buffer overflow in the map hw resources function. The function was accessing arrays using an index that could potentially be greater than the size of the arrays, leading to a buffer overflow. A check has been added to ensure that the index is within the bounds of the arrays. If the index is out of bounds, an error message is printed and execution continues with just ignoring extra data early to prevent the buffer overflow. The map hw resources function is located in the drivers/gpu/drm/amd/amdgpu/../display/dc/dml2/dml2 wrapper.c file. The vulnerable variables are dml2->v20.scratch.dml to dc pipe mapping.disp cfg to stream id and dml2->v20.scratch.dml to dc pipe mapping.disp cfg to plane id.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.