CVE-2024-27008

UNKNOWN

Published 2024-05-01T05:29:13.312Z

Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2024-27008. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

In the Linux kernel, the following vulnerability has been resolved:

drm: nv04: Fix out of bounds access

When Output Resource (dcb->or) value is assigned in
fabricate_dcb_output(), there may be out of bounds access to
dac_users array in case dcb->or is zero because ffs(dcb->or) is
used as index there.
The 'or' argument of fabricate_dcb_output() must be interpreted as a
number of bit to set, not value.

Utilize macros from 'enum nouveau_or' in calls instead of hardcoding.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Linux

Affected Versions:

2e5702aff39532662198459726c624d5eadbdd78 2e5702aff39532662198459726c624d5eadbdd78 2e5702aff39532662198459726c624d5eadbdd78 2e5702aff39532662198459726c624d5eadbdd78 2e5702aff39532662198459726c624d5eadbdd78 2e5702aff39532662198459726c624d5eadbdd78 2e5702aff39532662198459726c624d5eadbdd78 2e5702aff39532662198459726c624d5eadbdd78

Linux