Home

Description

In the Linux kernel, the following vulnerability has been resolved: drm/i915/perf: add sentinel to xehp_oa_b_counters Arrays passed to reg_in_range_table should end with empty record. The patch solves KASAN detected bug with signature: BUG: KASAN: global-out-of-bounds in xehp_is_valid_b_counter_addr+0x2c7/0x350 [i915] Read of size 4 at addr ffffffffa1555d90 by task perf/1518 CPU: 4 PID: 1518 Comm: perf Tainted: G U 6.4.0-kasan_438-g3303d06107f3+ #1 Hardware name: Intel Corporation Meteor Lake Client Platform/MTL-P DDR5 SODIMM SBS RVP, BIOS MTLPFWI1.R00.3223.D80.2305311348 05/31/2023 Call Trace: <TASK> ... xehp_is_valid_b_counter_addr+0x2c7/0x350 [i915] (cherry picked from commit 2f42c5afb34b5696cf5fe79e744f99be9b218798)

PUBLISHED Reserved 2025-10-07 | Published 2025-10-07 | Updated 2025-10-07 | Assigner Linux

Product status

Default status
unaffected

0fa9349dda030fa847b36f880a5eea25c3202b66 before 21d92025e80629fd5c25cd6751f8cf38c784dd4a
affected

0fa9349dda030fa847b36f880a5eea25c3202b66 before 785b3f667b4bf98804cad135005e964df0c750de
affected

Default status
affected

6.2
affected

Any version before 6.2
unaffected

6.4.7
unaffected

6.5
unaffected

References

git.kernel.org/...c/21d92025e80629fd5c25cd6751f8cf38c784dd4a

git.kernel.org/...c/785b3f667b4bf98804cad135005e964df0c750de

cve.org (CVE-2023-53646)

nvd.nist.gov (CVE-2023-53646)

Download JSON