Description
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fix integer overflow in radeon_cs_parser_init The type of size is unsigned, if size is 0x40000000, there will be an integer overflow, size will be zero after size *= sizeof(uint32_t), will cause uninitialized memory to be referenced later
Product status
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before d05ba46134d07e889de7d23cf8503574a22ede09
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before cfa9148bafb2d3292b65de1bac79dcca65be2643
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before b8fab6aebdf2115ec2d7bd2f3498d5b911ff351e
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before e6825b30d37fe89ceb87f926d33d4fad321a331e
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before c0d7dbc6b7a61a56028118c00af2c8319d44a682
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before 2e1be420b86980c25a75325e90dfc3fc73126f61
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before 25e634d7f44eb13113139040e5366bebe48c882f
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before f828b681d0cd566f86351c0b913e6cb6ed8c7b9c
4.14.324 (semver)
4.19.293 (semver)
5.4.255 (semver)
5.10.192 (semver)
5.15.123 (semver)
6.1.42 (semver)
6.4.7 (semver)
6.5 (original_commit_for_fix)
References
git.kernel.org/...c/d05ba46134d07e889de7d23cf8503574a22ede09
git.kernel.org/...c/cfa9148bafb2d3292b65de1bac79dcca65be2643
git.kernel.org/...c/b8fab6aebdf2115ec2d7bd2f3498d5b911ff351e
git.kernel.org/...c/e6825b30d37fe89ceb87f926d33d4fad321a331e
git.kernel.org/...c/c0d7dbc6b7a61a56028118c00af2c8319d44a682
git.kernel.org/...c/2e1be420b86980c25a75325e90dfc3fc73126f61
git.kernel.org/...c/25e634d7f44eb13113139040e5366bebe48c882f
git.kernel.org/...c/f828b681d0cd566f86351c0b913e6cb6ed8c7b9c
