Early Access — Mondoo Vulnerability Intelligence is currently in preview.
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: Fix the memory allocation issue in amdgpu_discovery_get_nps_info()
Fix two issues with memory allocation in amdgpu_discovery_get_nps_info() for mem_ranges:
Add a check for allocation failure to avoid dereferencing a null pointer.
As suggested by Christophe, use kvcalloc() for memory allocation, which checks for multiplication overflow.
Additionally, assign the output parameters nps_type and range_cnt after the kvcalloc() call to prevent modifying the output parameters in case of an error return.
Exploitability
AV:LAC:LPR:LUI:NScope
S:UImpact
C:NI:NA:H5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H