Re: CVE-2024-46808: drm/amd/display: Add missing NULL pointer check within dpcd_extend_address_range

From: Michal Koutný
Date: Wed Oct 02 2024 - 10:18:18 EST


On Mon, Sep 30, 2024 at 09:09:18PM GMT, Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> wrote:
> It's a good fix for those without that option enabled :)

Users with panic_on_warn=0 will see a warning but there'll be a NULL
pointer floating around. (That's not good for kernel code.) There is no
code flow change here. It's not a vulnerability fix.

There are other fixes that I've seen recently that at least change the
code flow:

- CVE-2024-46805: drm/amdgpu: fix the waring dereferencing hive
- CVE-2024-46811: kernel: drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box
- CVE-2024-46812: kernel: drm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration

(These are not vulnerability fixes for panic_on_warn=1 though.)

So these CVE numbers point out potential vulnerabilities but the
associated patches don't fix them (generally).

> Agreed, it could be fixed better.

Let me Cc also Alex (last S-O-B on them) to be aware of that.

I think I can't do more at the moment.

Regards,
Michal
