Memory Allocation Vulnerability in AMD Graphics Drivers

CVE-2024-56697

Summary

A vulnerability in the AMD graphics drivers within the Linux kernel identified issues in memory allocation during the execution of the amdgpu_discovery_get_nps_info() function. The vulnerability was characterized by a lack of checks for allocation failures, which could potentially lead to dereferencing a null pointer, resulting in application crashes or undefined behavior. The solution involved implementing safety checks and utilizing the kvcalloc() function, which ensures safe memory allocation by checking for multiplication overflow. Furthermore, the output parameters nps_type and range_cnt are now assigned post-memory allocation to guarantee their integrity in case of an allocation error.

References