SB20240531212 - Out-of-bounds read in Linux kernel powerplay hwmgr driver

Description

This security bulletin contains information about 1 security vulnerability.

1) Out-of-bounds read (CVE-ID: CVE-2023-52819)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the drivers/gpu/drm/amd/powerplay/hwmgr/pptable_v1_0.h. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://git.kernel.org/stable/c/60a00dfc7c5deafd1dd393beaf53224f7256dad6
• https://git.kernel.org/stable/c/a63fd579e7b1c3a9ebd6e6c494d49b1b6cf5515e
• https://git.kernel.org/stable/c/d50a56749e5afdc63491b88f5153c1aae00d4679
• https://git.kernel.org/stable/c/8c1dbddbfcb051e82cea0c197c620f9dcdc38e92
• https://git.kernel.org/stable/c/a237675aa1e62bbfaa341c535331c8656a508fa1
• https://git.kernel.org/stable/c/d0725232da777840703f5f1e22f2e3081d712aa4
• https://git.kernel.org/stable/c/7c68283f3166221af3df5791f0e13d3137a72216
• https://git.kernel.org/stable/c/b3b8b7c040cf069da7afe11c5bd73b870b8f3d18
• https://git.kernel.org/stable/c/0f0e59075b5c22f1e871fbd508d6e4f495048356
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.331
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.300
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.202
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.140
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.262
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.64
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.13
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.3
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.7