CVE-2024-50016 Information

Description

In the Linux kernel the following vulnerability has been resolved:

drm/amd/display: Avoid overflow assignment in link_dp_cts

sampling_rate is an uint8_t but is assigned an unsigned int and thus it can overflow. As a result sampling_rate is changed to uint32_t.

Similarly LINK_QUAL_PATTERN_SET has a size of 2 bits and it should only be assigned to a value less or equal than 4.

This fixes 2 INTEGER_OVERFLOW issues reported by Coverity.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Reference

https://git.kernel.org/stable/c/a1495acc6234fa79b775599d3f49009afd53299f https://git.kernel.org/stable/c/26ced9d86240868f5b41708ceee02e6ec2924498 https://git.kernel.org/stable/c/adeed800bc30ef718478b28c08f79231e5980e3d https://git.kernel.org/stable/c/a15268787b79fd183dd526cc16bec9af4f4e49a1

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

5.5