CVE-2023-54150

In the Linux kernel, the following vulnerability has been resolved:

drm/amd: Fix an out of bounds error in BIOS parser

The array is hardcoded to 8 in atomfirmware.h, but firmware provides
a bigger one sometimes. Deferencing the larger array causes an out
of bounds error.

commit 4fc1ba4aa589 ("drm/amd/display: fix array index out of bound error
in bios parser") fixed some of this, but there are two other cases
not covered by it.  Fix those as well.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.247-1
fixed
bookworm
6.1.148-1
fixed
bookworm (security)
6.1.158-1
fixed
trixie
6.12.57-1
fixed
trixie (security)
6.12.48-1
fixed
forky
6.17.12-1
fixed
sid
6.17.13-1
fixed
References
https://git.kernel.org/stable/c/5675ecd2e0b00a4318ba1db1a1234e7d45b13d6b
https://git.kernel.org/stable/c/66acfe798cd08b36cfbb65a30fab3159811304a7
https://git.kernel.org/stable/c/b8e7589f50b709b647b642531599e70707faf70c
https://git.kernel.org/stable/c/d116db180decec1b21bba31d2ff495ac4d8e1b83
https://git.kernel.org/stable/c/dea2dbec716c38a0b73b6ad01d91e2b120cc5f1e