Avoid Integer Overflow in amdkfd Using Calloc
CVE-2024-26817

5.5MEDIUM

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
13 April 2024

Badges

๐Ÿ“ฐ News Worthy

What is CVE-2024-26817?

In the Linux kernel, the following vulnerability has been resolved:

amdkfd: use calloc instead of kzalloc to avoid integer overflow

This uses calloc instead of doing the multiplication which might overflow.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 4a488a7ad71401169cecee75dc94bcce642e2c53

Linux 4a488a7ad71401169cecee75dc94bcce642e2c53 < 8b0564704255c6b3c6a7188e86939f754e1577c0

Linux 4a488a7ad71401169cecee75dc94bcce642e2c53

News Articles

favicon imageprophaze.com

CVE-2024-26817 : LINUX KERNEL UP TO 6.8.5 AMDKFD KZALLOC INTEGER OVERFLOW - Cloud WAF

CVE-2024-26817 : In the Linux kernel, the following vulnerability has been resolved: amdkfd: use calloc instead of kzalloc to avoid integer overflow This uses calloc instead of doing the multiplication which might overflow.

References

https://git.kernel.org/stable/c/e6721ea845fcb93a764a92bd4...
https://git.kernel.org/stable/c/8b0564704255c6b3c6a7188e8...
https://git.kernel.org/stable/c/fcbd99b3c73309107e3be71f2...

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • ๐Ÿ“ฐ

    First article discovered by prophaze.com

  • Vulnerability published

  • Vulnerability Reserved

JSON
.