CVE-2024-26672 Information

Description

In the Linux kernel the following vulnerability has been resolved:

drm/amdgpu: Fix variable ‘mca_funcs’ dereferenced before NULL check in ‘amdgpu_mca_smu_get_mca_entry()’

Fixes the below:

drivers/gpu/drm/amd/amdgpu/amdgpu_mca.c:377 amdgpu_mca_smu_get_mca_entry() warn: variable dereferenced before check ‘mca_funcs’ (see line 368)

357 int amdgpu_mca_smu_get_mca_entry(struct amdgpu_device adev enum amdgpu_mca_error_type type 358 int idx struct mca_bank_entry entry) 359 360 const struct amdgpu_mca_smu_funcs mca_funcs = adev->mca.mca_funcs; 361 int count; 362 363 switch (type) 364 case AMDGPU_MCA_ERROR_TYPE_UE: 365 count = mca_funcs->max_ue_count;

mca_funcs is dereferenced here.

366 break; 367 case AMDGPU_MCA_ERROR_TYPE_CE: 368 count = mca_funcs->max_ce_count;

mca_funcs is dereferenced here.

369 break; 370 default: 371 return -EINVAL; 372
373 374 if (idx >= count) 375 return -EINVAL; 376 377 if (mca_funcs && mca_funcs->mca_get_mca_entry) ^^^^^^^^^

Checked too late!

Reference

https://git.kernel.org/stable/c/7b5d58c07024516c0e81b95e98f37710cf402c53 https://git.kernel.org/stable/c/4f32504a2f85a7b40fe149436881381f48e9c0c0