CVE-2024-42118
- Source
- https://cve.org/CVERecord?id=CVE-2024-42118
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-42118.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-42118
- Downstream
- Published
- 2024-07-30T07:46:10.486Z
- Modified
- 2026-03-20T12:38:42.412072Z
- Summary
- drm/amd/display: Do not return negative stream id for array
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Do not return negative stream id for array
[WHY] resourcestreamtostreamidx returns an array index and it return -1 when not found; however, -1 is not a valid array index number.
[HOW] When this happens, call ASSERT(), and return a zero instead.
This fixes an OVERRUN and an NEGATIVE_RETURNS issues reported by Coverity.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/42xxx/CVE-2024-42118.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/3ac31c9a707dd1c7c890b95333182f955e9dcb57
- https://git.kernel.org/stable/c/a76fa9c4f0fc0aa6f517da3fa7d7c23e8a32c7d0
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/42xxx/CVE-2024-42118.json
- https://nvd.nist.gov/vuln/detail/CVE-2024-42118
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git