CVE-2022-50781

In the Linux kernel, the following vulnerability has been resolved:

amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table()

In the PP_OD_EDIT_VDDC_CURVE case the "input_index" variable is capped at
2 but not checked for negative values so it results in an out of bounds
read.  This value comes from the user via sysfs.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.247-1
fixed
bookworm
6.1.148-1
fixed
bookworm (security)
6.1.158-1
fixed
trixie
6.12.57-1
fixed
trixie (security)
6.12.48-1
fixed
forky
6.17.12-1
fixed
sid
6.17.13-1
fixed
References
https://git.kernel.org/stable/c/4d3dc0de9c46d9f73be6bac026e40b893e37ea21
https://git.kernel.org/stable/c/8084bd0a64e278314b733993f388d83a86aa1183
https://git.kernel.org/stable/c/85273b4a7076ed5328c8ace02234e4e7e10972d5
https://git.kernel.org/stable/c/a03625ad11b50429930f4c491d6c97e70f2ba89a
https://git.kernel.org/stable/c/d27252b5706e51188aed7647126e44dcf9e940c1
https://git.kernel.org/stable/c/f289a38df0da4cfe4b50d04b1b9c3bc646fecd57