Linux Kernel Out-of-Bounds Access Vulnerability in AMD Display Driver

Vulnerability

A vulnerability allowing out-of-bounds access has been identified in the Linux kernel's AMD display driver. The issue arises because the 'hpo_stream_to_link_encoder_mapping' can have a size of up to 4, while the corresponding location can extend up to 6. This discrepancy necessitates a check to ensure the location does not exceed the maximum encoder size. Additionally, the 'disp_cfg_stream_location' can be used as an array index, which should range from 0 to 5, indicating that the ASSERT conditions should be adjusted to be less than or equal to 5.

Impact

Exploitation of this vulnerability could lead to out-of-bounds memory access, potentially causing memory corruption or allowing for arbitrary code execution.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Out-of-Bounds Access Vulnerability in AMD Display Driver

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating