In the Linux kernel, the following vulnerability has been resolved:
drm/i915/dsc: Fix the macro that calculates DSCC_/DSCA_ PPS reg address
Commit bd077259d0a9 ("drm/i915/vdsc: Add function to read any PPS
register") defines a new macro to calculate the DSC PPS register
addresses with PPS number as an input. This macro correctly calculates
the addresses till PPS 11 since the addresses increment by 4. So in that
case the following macro works correctly to give correct register
address:
_MMIO(_DSCA_PPS_0 + (pps) * 4)
However after PPS 11, the register address for PPS 12 increments by 12
because of RC Buffer memory allocation in between. Because of this
discontinuity in the address space, the macro calculates wrong addresses
for PPS 12 - 16 resulting into incorrect DSC PPS parameter value
read/writes causing DSC corruption.
This fixes it by correcting this macro to add the offset of 12 for PPS
>=12.
v3: Add correct paranthesis for pps argument (Jani Nikula)
(cherry picked from commit 6074be620c31dc2ae11af96a1a5ea95580976fb5)
References
Configurations
Configuration 1 (hide)
|
History
17 Mar 2025, 16:01
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-131 | |
| CPE | cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:* |
|
| First Time |
Linux linux Kernel
Linux |
|
| References | () https://git.kernel.org/stable/c/962ac2dce56bb3aad1f82a4bbe3ada57a020287c - Patch | |
| References | () https://git.kernel.org/stable/c/ff5999fb03f467e1e7159f0ddb199c787f7512b9 - Patch | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
Information
Published : 2024-04-03 15:15
Updated : 2025-03-17 16:01
NVD link : CVE-2024-26721
Mitre link : CVE-2024-26721
CVE.ORG link : CVE-2024-26721
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-131
Incorrect Calculation of Buffer Size