Description
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1 The type of size is unsigned int, if size is 0x40000000, there will be an integer overflow, size will be zero after size *= sizeof(uint32_t), will cause uninitialized memory to be referenced later.
Product status
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before 9f55d300541cb5b435984d269087810581580b00
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before c3deb091398e9e469d08dd1599b6d76fd6b29df8
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before 87c2213e85bd81e4a9a4d0880c256568794ae388
6.1.47 (semver)
6.4.12 (semver)
6.5 (original_commit_for_fix)
References
git.kernel.org/...c/9f55d300541cb5b435984d269087810581580b00
git.kernel.org/...c/c3deb091398e9e469d08dd1599b6d76fd6b29df8
git.kernel.org/...c/87c2213e85bd81e4a9a4d0880c256568794ae388
