CVE-2023-54150

The array is hardcoded to 8 in atomfirmware.h, but firmware provides a bigger one sometimes. Deferencing the larger array causes an out of bounds error.

commit 4fc1ba4aa589 ("drm/amd/display: fix array index out of bound error in bios parser") fixed some of this, but there are two other cases not covered by it. Fix those as well.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54150.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

ae79c310b1a6f97429a5784b65f125d9cc9c95b1

Fixed

b8e7589f50b709b647b642531599e70707faf70c

Fixed

66acfe798cd08b36cfbb65a30fab3159811304a7

Fixed

5675ecd2e0b00a4318ba1db1a1234e7d45b13d6b

Fixed

dea2dbec716c38a0b73b6ad01d91e2b120cc5f1e

Fixed

d116db180decec1b21bba31d2ff495ac4d8e1b83

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-54150.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

4.15.0

Fixed

5.10.181

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.113

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.30

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.3.4

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-54150.json"