CVE-2024-47751

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-47751
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-47751.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-47751
Downstream
Related
Published
2024-10-21T12:14:16.446Z
Modified
2025-11-28T02:35:19.627834Z
Summary
PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port()
Details

In the Linux kernel, the following vulnerability has been resolved:

PCI: kirin: Fix buffer overflow in kirinpcieparse_port()

Within kirinpcieparseport(), the pcie->numslots is compared to pcie->gpioidreset size (MAXPCISLOTS) which is correct and would lead to an overflow.

Thus, fix condition to pcie->numslots + 1 >= MAXPCISLOTS and move pcie->numslots increment below the if-statement to avoid out-of-bounds array access.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

[kwilczynski: commit log]

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/47xxx/CVE-2024-47751.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
b22dbbb24571c052364f476381dbac110bdca4d5
Fixed
a5f795f9412854df28e66679c5e6b68b0b79c229
Fixed
95248d7497bcbfe7deed4805469c6ff6ddd7f9d1
Fixed
6dcc5b49d6607a741a14122bf3105f3ac50d259e
Fixed
aeb0335971806e15ac91e838ca471936c8e7efd5
Fixed
c500a86693a126c9393e602741e348f80f1b0fc5

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.113
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.54
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.10.13
Type
ECOSYSTEM
Events
Introduced
6.11.0
Fixed
6.11.2